
Cisco works to fix switch glitch

by James Middleton

01 Feb 2001


Cisco has released a security advisory for its Arrowpoint switch, revealing that non-privileged users can either force a denial of service (DoS) attack on the hardware or view files to which they do not have access rights.

The company has said that although a fix is available for the DoS problem, it can currently offer only a workaround for the file viewing glitch.

Only the carrier-class Arrowpoint switch, also known as the Content Services switch, is affected, on hardware platforms 11050, 11150 and 11800 running the WebNS software. The problem poses a threat once access to the command line interface is gained.

But even a non-privileged user with access to the command line can run a command which contains a filename that is the maximum length of the input buffer. This would cause the switch to reboot and perform a systems check, effectively putting the machine out of action for about five minutes.

Cisco said that commands which can be manipulated to do this include show script, clear script, show archive, clear archive, show log and clear log. Non-privileged users can also read files they would not normally have access to if they know the location of the data.

A fix is available for the DoS vulnerability by upgrading the switch's WebNS software to version 4.01(12s) or revision 3.10(71s). Cisco is offering the software upgrades free of charge.

The file system information disclosure vulnerability is scheduled to be fixed, but is currently unresolved. In the meantime, the company recommends, as a workaround, applying access control lists and additional firewalling to restrict access to the command line interface on the device. It is also advisable to disable Telnet access to the switch by adding the command: CS150(config)# telnet access disabled.

Workaround information is available here and here.

Details of the fixes and software upgrades are available here.
