Cisco Application Velocity System Open TCP Proxy Vulnerability

Bugtraq ID:	17937
Class:	Access Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	May 10 2006 12:00AM
Updated:	May 15 2006 05:59PM
Credit:	The vendor disclosed this issue.
Vulnerable:	Cisco Application Velocity System 3120 5.0 Cisco Application Velocity System 3110 5.0 Cisco Application Velocity System 3110 4.0
Not Vulnerable:	Cisco Application Velocity System 3120 5.0.1 Cisco Application Velocity System 3110 5.0.1

Cisco Application Velocity System Open TCP Proxy Vulnerability

Cisco Application Velocity System (AVS) is susceptible to a remote open TCP proxy vulnerability. This software fails to allow only valid TCP ports to be used by remote users.

Remote attackers may use the affected software as an open TCP proxy. Attackers have exploited this to send unsolicited commercial email (UCE).

Versions of AVS prior to 5.0.1 are vulnerable to this issue.

Cisco Application Velocity System Open TCP Proxy Vulnerability

Attackers use readily available network utilities to exploit this issue.

Cisco Application Velocity System Open TCP Proxy Vulnerability

Solution:
Cisco has released an advisory along with fixes to address this issue. Please see the referenced advisory for further information.

Note that the instructions given in the workaround section must still be performed after fixes have been applied.

Cisco Application Velocity System Open TCP Proxy Vulnerability

References:

• Cisco Application Velocity System (AVS) Product Page (Cisco)
  
• Cisco Security Advisory: AVS TCP Relay Vulnerability (Cisco)