COMMAND

    Cisco

SYSTEMS AFFECTED

    Cisco SN 5420 Storage Routers

PROBLEM

    The following is based on a Cisco Security Advisory.  Two
    vulnerabilities have been discovered in Cisco SN 5420 Storage
    Router software releases up to and including 1.1(3).  One of the
    vulnerabilities can be used to cause a Denial-of-Service.  The
    other allows unrestricted low-level access to the SN 5420.

    There is no workaround for these vulnerabilities.  It is  possible
    to mitigate them by blocking access  to ports 513 and 8023 on  the
    network edge.  The vulnerabilities are documented in Cisco Bug IDs
    CSCdu27529 and CSCdu27514.  No other Cisco product is affected  by
    these vulnerabilities.

    Cisco SN 5420 Storage Routers  running software release up to  and
    including  1.1(3)  are  affected   by  the  vulnerabilities.    To
    determine your software release, type "show system" at the command
    prompt.   No   other  Cisco   products  are   affected  by   these
    vulnerabilities.
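    The advisory gives the affected range as "up to and including
    1.1(3)" and the fix as 1.1(4).  The following is an added example,
    not part of the advisory or of Cisco's software, that parses
    Cisco-style release strings of the form major.minor(build) into
    comparable tuples and audits a constructed inventory against the
    fixed release.  The format of the SN 5420's "show system" output is
    not given in the advisory, so the extraction helper assumes,
    hypothetically, a line containing "Version" or "Release" followed
    by the release string.

```python
import re

# Release boundaries exactly as stated in the advisory.
FIXED_RELEASE = "1.1(4)"          # first release carrying the fix
LAST_AFFECTED = "1.1(3)"          # last affected release

# Cisco-style release string: major.minor(build), e.g. "1.1(3)".
_RELEASE_RE = re.compile(r"^\s*(\d+)\.(\d+)\((\d+)\)\s*$")


def parse_release(text):
    """Turn '1.1(3)' into the comparable tuple (1, 1, 3).

    Tuples compare element-wise, so (1, 0, 12) < (1, 1, 4) as expected,
    which a plain string comparison would get wrong.
    """
    m = _RELEASE_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised release string: {text!r}")
    return tuple(int(g) for g in m.groups())


def is_affected(release):
    """True when the release predates the fixed release 1.1(4)."""
    return parse_release(release) < parse_release(FIXED_RELEASE)


def release_from_show_system(output):
    """Extract the release string from 'show system' output.

    ASSUMPTION: the real SN 5420 output format is not given in the
    advisory; this looks for 'Version' or 'Release' followed by a
    major.minor(build) string and returns None if nothing matches.
    """
    for line in output.splitlines():
        m = re.search(r"(?i)(?:version|release)\s*:?\s*(\d+\.\d+\(\d+\))",
                      line)
        if m:
            return m.group(1)
    return None


def audit_inventory(inventory):
    """Return the hostnames whose recorded release is still affected.

    `inventory` maps hostname -> release string; hosts whose release
    cannot be parsed are reported too, since 'unknown' is not 'fixed'.
    """
    affected = []
    for host, release in inventory.items():
        try:
            if is_affected(release):
                affected.append(host)
        except ValueError:
            affected.append(host)
    return affected


# Constructed sample data (hypothetical hostnames and output lines).
SAMPLE_SHOW_SYSTEM = """\
SN 5420 Storage Router
Software Version: 1.1(3)
Uptime: 12 days
"""

SAMPLE_INVENTORY = {
    "sn5420-a": "1.1(3)",    # affected
    "sn5420-b": "1.1(4)",    # fixed
    "sn5420-c": "1.0(12)",   # affected, older minor release
    "sn5420-d": "n/a",       # unparsable, reported for follow-up
}

if __name__ == "__main__":
    print("parsed release:", release_from_show_system(SAMPLE_SHOW_SYSTEM))
    print("still affected:", audit_inventory(SAMPLE_INVENTORY))
```

    The tuple comparison matters for release strings: a string
    comparison would rank "1.1(10)" below "1.1(3)", whereas the parsed
    tuple (1, 1, 10) correctly sorts after (1, 1, 3).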

    CSCdu27529
    ==========
    The device reboots when multiple connections to TCP port 8023 are
    established in rapid succession.  By repeatedly triggering
    CSCdu27529, it is possible to prevent users from accessing storage,
    causing a Denial-of-Service.

    CSCdu27514
    ==========
    When logging into the SN 5420 using "rlogin", or when connecting to
    port 8023 from the GigabitEthernet or management interface, a user
    can access a developer's shell on the SN 5420.  The user is not
    asked for a password, and no other authorization is performed.
    This shell is used during development for testing.  Starting with
    software release 1.1(4), this capability is removed from the
    software.

    When logged into the developer's shell (CSCdu27514), users can
    execute debug commands, start and stop processes, and interfere
    with normal process execution.  Sessions established in this
    manner, and all commands executed within them, are not logged or
    shown by the standard logging mechanism of the Cisco SN 5420
    Storage Router.
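    Because the device itself neither logs developer-shell sessions
    (CSCdu27514) nor survives a burst of connections to port 8023
    (CSCdu27529), the only place to see either is the network edge
    that is supposed to be filtering ports 513 and 8023.  The following
    is an added example, not from the advisory or from Cisco, that runs
    over constructed edge-firewall connection records and raises two
    kinds of alert: any TCP connection to port 513 or 8023 (flagged as
    trusted or untrusted against an assumed management network), and a
    per-source burst of connections to 8023 inside a short window.  The
    log line format, the RFC 5737 addresses, the management network
    192.0.2.0/24, and the burst threshold and window are all assumptions
    made for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime
from ipaddress import ip_address, ip_network

# Ports named in the advisory: rlogin (513) and the developer's shell (8023).
SHELL_PORTS = {513, 8023}

# ASSUMPTION: management network from which SN 5420 access is expected.
TRUSTED_NETS = [ip_network("192.0.2.0/24")]

# ASSUMPTION: tuning values for the burst detector, not from the advisory.
BURST_THRESHOLD = 10     # connections from one source ...
BURST_WINDOW_S = 5       # ... within this many seconds

# ASSUMPTION: a simple key=value connection record as an edge device might emit.
_LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+src=(?P<src>\S+)\s+dst=(?P<dst>\S+)"
    r"\s+dport=(?P<dport>\d+)\s+proto=(?P<proto>\w+)"
)


def parse_line(line):
    """Parse one record into a dict, or return None for lines that do not match."""
    m = _LINE_RE.match(line)
    if not m:
        return None
    return {
        "ts": datetime.fromisoformat(m["ts"]),
        "src": ip_address(m["src"]),
        "dst": ip_address(m["dst"]),
        "dport": int(m["dport"]),
        "proto": m["proto"].lower(),
    }


def is_trusted(addr):
    return any(addr in net for net in TRUSTED_NETS)


def analyse(lines):
    """Return a list of alert dicts for the given connection records."""
    alerts = []
    recent = defaultdict(deque)   # src -> timestamps of recent port-8023 connections
    bursts_seen = set()           # report each bursting source once
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["proto"] != "tcp" or ev["dport"] not in SHELL_PORTS:
            continue
        # Every connection to 513/8023 is worth recording: the SN 5420 will not
        # log the resulting shell session itself (CSCdu27514).
        alerts.append({"kind": "shell-port-access", "src": str(ev["src"]),
                       "dport": ev["dport"], "trusted": is_trusted(ev["src"])})
        if ev["dport"] == 8023:
            q = recent[ev["src"]]
            q.append(ev["ts"])
            # Drop timestamps that have fallen out of the sliding window.
            while (q[-1] - q[0]).total_seconds() > BURST_WINDOW_S:
                q.popleft()
            if len(q) >= BURST_THRESHOLD and ev["src"] not in bursts_seen:
                bursts_seen.add(ev["src"])   # rapid connections: CSCdu27529 pattern
                alerts.append({"kind": "connection-burst", "src": str(ev["src"]),
                               "dport": 8023, "trusted": is_trusted(ev["src"])})
    return alerts


# Constructed sample records. 192.0.2.10 plays the SN 5420; 198.51.100.7 and
# 203.0.113.9 are outside the management network.
SAMPLE_LOG = [
    "2001-06-05T10:00:00 src=198.51.100.7 dst=192.0.2.10 dport=8023 proto=tcp",
    "2001-06-05T10:00:01 src=198.51.100.7 dst=192.0.2.10 dport=513 proto=tcp",
    "2001-06-05T10:00:02 src=192.0.2.20 dst=192.0.2.10 dport=8023 proto=tcp",
    "2001-06-05T10:00:03 src=198.51.100.7 dst=192.0.2.10 dport=443 proto=tcp",
    "this line is deliberately malformed",
    "2001-06-05T10:00:04 src=198.51.100.7 dst=192.0.2.10 dport=8023 proto=tcp",
] + [
    # twelve connections from one source spread over three seconds
    f"2001-06-05T10:00:{10 + i // 4:02d} src=203.0.113.9 dst=192.0.2.10 "
    f"dport=8023 proto=tcp"
    for i in range(12)
]

if __name__ == "__main__":
    for alert in analyse(SAMPLE_LOG):
        print(alert)
```

    An untrusted "shell-port-access" alert means the edge filter the
    advisory recommends is not in place or not effective; a trusted one
    still deserves a look, since the shell behind port 8023 asks for no
    password and leaves no trace on the router.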

SOLUTION

    The vulnerabilities are fixed in release 1.1(4) of the software,
    which is available on CCO.  There is no workaround for these
    vulnerabilities.  It is possible to mitigate them by blocking
    access to ports 513 and 8023 on the network edge.