====================================================================

                             CERT-Renater

                  Note d'Information No. 2012/VULN405
____________________________________________________________________

DATE                : 11/10/2012

HARDWARE PLATFORM(S): Cisco Catalyst 6500 Series Switches,
                      Cisco 7600 Series Routers.

OPERATING SYSTEM(S) : Cisco Catalyst 6500 Series Switches OS,
                      Cisco 7600 Series Routers OS,
                       running Cisco Firewall Services Module.

======================================================================
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm
______________________________________________________________________

Multiple Vulnerabilities in Cisco Firewall Services Module

Advisory ID: cisco-sa-20121010-fwsm

Revision 1.0

For Public Release 2012 October 10 16:00  UTC (GMT)
- ----------------------------------------------------------------------

Summary
=======

The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500
Series Switches and Cisco 7600 Series Routers is affected by the
following vulnerabilities:

DCERPC Inspection Buffer Overflow Vulnerability
DCERPC Inspection
Denial Of Service Vulnerabilities

These vulnerabilities are not interdependent; a release that is
affected by one vulnerability is not necessarily affected by the other.

Exploitation of these vulnerabilities could allow an unauthenticated,
remote attacker to trigger a reload of the affected device, or to
execute arbitrary commands.  Repeated exploitation could result in a
denial of service (DoS) condition.

Cisco has released free software updates that address these
vulnerabilities. There are no workarounds that mitigate these
vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm

Note: The Cisco Catalyst 6500 Series ASA Services Module, and the
Cisco ASA 5500 Series Adaptive Security Appliance may also be affected
by these vulnerabilities.

The vulnerabilities affecting the Cisco Catalyst 6500 Series ASA
Services Module and Cisco ASA 5500 Series Adaptive Security Appliance
have been disclosed in a separate Cisco Security Advisory. The
Advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa
======================================================================

=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
=========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44          +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
+ 75013 Paris           | email: certsvp@renater.fr     +
=========================================================