The OpenNET Project

Cisco Security Advisory: Vulnerabilities in Cisco SN 5420 Storage Routers

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Wed, 1 Aug 2001 14:46:17 -0500
Subject: Cisco Security Advisory: Vulnerabilities in Cisco SN 5420 Storage Routers


   Cisco Security Advisory: Vulnerabilities in Cisco SN 5420 Storage

Revision 1.0

  For Public Release 2001 July 11 08:00 (UTC -0800)


   Two vulnerabilities have been discovered in Cisco SN 5420 Storage
   Router software release up to and including 1.1(3). One of the
   vulnerabilities can cause Denial-of-Service attack. The other allows
   unrestricted low level access to the SN 5420.

   There is no workaround for these vulnerabilities. It is possible to
   mitigate them by blocking access to ports 513 and 8023 on the network

   The vulnerabilities are documented in Cisco Bug IDs CSCdu27529 and

   No other Cisco product is affected by these vulnerabilities.

   This advisory is available at

Affected Products

   Cisco SN 5420 Storage Routers running software release up to and
   including 1.1(3) are affected by the vulnerabilities.

   To determine your software release, type "show system" at the command

   No other Cisco products are affected by these vulnerabilities.


          You can reboot the device by rapidly establishing multiple
          connections to TCP port 8023.

          When logging into SN 5420 using "rlogin" or when connecting to
          the port 8023 from the GigabitEthernet or management interface,
          a user can access a developer's' shell of the SN 5420. The user
          is not asked for a password. No other authorization is
          performed. This shell is used during developing for testing.

          Starting with software releases 1.1(4), this capability is
          removed from the software.


   By repeatedly exploiting CSCdu27529, it is possible to prevent a user
   from accessing storage, thus causing Denial-of-Service attack.

   When logged into a developer's shell (CSCdu27514), users can execute
   debug commands, start and stop processes, and interfere with the
   normal process execution. Users who are logged in such a manner and
   all commands executed by them are not logged or shown using the
   standard logging mechanism of the Cisco SN 5420 Storage Router.

Software Versions and Fixes

   The vulnerabilities are fixed in the release 1.1(4) of the software,
   which is availabe on CCO.

Obtaining Fixed Software

   Cisco is offering free software upgrades to eliminate this
   vulnerability for all affected customers. Customers with contracts
   should obtain upgraded software through their regular update channels.
   For most customers, this means that upgrades should be obtained
   through the Software Center on Cisco's Worldwide Web site at

   Customers whose Cisco products are provided or maintained through
   prior or existing agreement with third-party support organizations
   such as Cisco Partners, authorized resellers, or service providers
   should contact that support organization for assistance with the
   upgrade, which should be free of charge.

   Customers without contracts should get their upgrades by contacting
   the Cisco Technical Assistance Center (TAC). TAC contacts are as

     * +1 800 553 2447 (toll-free from within North America)
     * +1 408 526 7209 (toll call from anywhere in the world)
     * e-mail:

   Give the URL of this notice as evidence of your entitlement to a
   free upgrade. Free upgrades for non-contract customers must be
   requested through the TAC.

   Please do not contact either "" or
   "" for software upgrades.


   There is no workaround for these vulnerabilities. It is possible to
   mitigate them by blocking access to ports 513 and 8023 on the network

Exploitation and Public Announcements

   The Cisco PSIRT is not aware of any public announcements or malicious
   use of the vulnerabilities described in this advisory.

   These vulnerabilities were found internally during product

Status of This Notice: FINAL

   This is a final notice. Although Cisco cannot guarantee the accuracy
   of all statements in this notice, all of the facts have been checked
   to the best of our ability. Cisco does not anticipate issuing updated
   versions of this notice unless there is some material change in the
   facts. Should there be a significant change in the facts, Cisco may
   update this notice.


   This notice will be posted on Cisco's Worldwide Web site at In
   addition to Worldwide Web posting, a text version of this notice is
   clear-signed with the Cisco PSIRT PGP key and is posted to the
   following e-mail and Usenet news recipients:

     * (includes CERT/CC)
     * Various internal Cisco mailing lists

   Future updates of this notice, if any, will be placed on Cisco's
   Worldwide Web server, but may or may not be actively announced on
   mailing lists or newsgroups. Users concerned about this problem are
   encouraged to check the URL given above for any updates.

Revision History

   Revision 1.0 2001-July-11 08:00 UTC -0800 Initial public release

Cisco Security Procedures

   Complete information on reporting security vulnerabilities in Cisco
   products, obtaining assistance with security incidents, and
   registering to receive security information from Cisco, is available
   on Cisco's Worldwide Web site at
   This includes instructions for press inquiries regarding Cisco
   security notices.

   The rest of the Cisco Security Advisories are available at

   This notice is Copyright 2001 by Cisco Systems, Inc. This notice may
   be redistributed freely after the release date given at the top of the
   text, provided that redistributed copies are complete and unmodified,
   and include all date and version information.

Version: 2.6.2


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Inferno Solutions
Hosting by

Закладки на сайте
Проследить за страницей
Created 1996-2023 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру