7
2009
Cisco Global Site Selector Appliances DNS Vulnerability
An article by 
The Cisco Application Control Engine Global Site Selector (GSS) contains a vulnerability when processing specific Domain Name System (DNS) requests that may lead to a crash of the DNS service on the GSS.
Cisco has released free software updates that address this vulnerability.
A workaround that mitigates this vulnerability is available.
Vulnerable Products
The following GSS products are affected by this vulnerability:
- Cisco GSS 4480 Global Site Selector
- Cisco GSS 4490 Global Site Selector
- Cisco GSS 4491 Global Site Selector
- Cisco GSS 4492R Global Site Selector
Details
The Cisco GSS platform allows customers to leverage global content deployment across multiple distributed and mirrored data locations, optimizing site selection, improving Domain Name System (DNS) responsiveness, and ensuring data center availability.
The GSS is inserted into the traditional DNS hierarchy and is closely integrated with the Cisco CSS, Cisco Content Switching Module (CSM), or third-party server load balancers (SLBs) to monitor the health and load of the SLBs in customers data centers. The GSS uses this information and user-specified routing algorithms to select the best-suited and least-loaded data center in real time.
A vulnerability exists in the GSS when processing a specific sequence of DNS requests. An exploit of the vulnerability may result in a crash of the DNS service on the GSS.
When the DNS server crashes, an error message will appear in the logs similar to the following example:
Dec 18 04:47:21 gss NMR-6-LAUNCHSVR_EXIT[27261] dnsserver’ has exited [ExitUnknown(139)]”
This vulnerability is documented in Cisco Bug ID: CSCsj70093 ( registered customers only)
This vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-3819.
Impact
Successful exploitation of the vulnerability may result in a crash of the GSS DNS service. Repeated exploitation may result in a sustained denial of service (DoS) attack.
More info on http://www.cisco.com/…/products_security_advisory09186a0080a57481.shtml
Leave a comment
Archives
- February 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008