Operating System:

[Appliance]

Published:

13 September 2012


===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2012.0127
        A number of vulnerabilities have been identified in Quagga
                   as used by McAfee Firewall Enterprise
                             13 September 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              McAfee Firewall Enterprise 7.x
                      McAfee Firewall Enterprise 8.x
Operating System:     Network Appliance
Impact/Access:        Denial of Service -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2012-1820 CVE-2012-0255 CVE-2012-0250
                      CVE-2012-0249  
Member content until: Saturday, October 13 2012
Reference:            ESB-2012.0870
                      ESB-2012.0597
                      ESB-2012.0412

OVERVIEW

        A number of vulnerabilities have been identified in Quagga as used by
        McAfee Firewall Enterprise 8.x and 7.x.


IMPACT

        The vendor has provided the following details regarding these issues:
        
        "McAfee Firewall Enterprise is affected by the vulnerabilities 
        Quagga CVE-2012-0255, CVE-2012-0250, CVE-2012-0249, and CVE-2012-1820. 
        However, fixes are contained in the latest Firewall Enterprise 
        releases." [1]
        
        If exploited by unauthenticated remote attackers, these vulnerabilities 
        could potentially cause a denial of service in McAfee Firewall
        Enterprise.


MITIGATION

        The vendor has stated that these issues are corrected in versions
        7.0.1.05.H05, 8.2.1P04 and in the upcoming release 8.3.0 of
        McAfee Firewall Enterprise. It is recommended that users upgrade to 
        the relevant latest version to correct these vulnerabilities. [1]


REFERENCES

        [1] Firewall Enterprise: Response to vulnerability Quagga
            CVE-2012-0255, CVE-2012-0250, CVE-2012-0249, and CVE-2012-1820
            https://kc.mcafee.com/corporate/index?page=content&id=KB76173

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================