Cisco Support Community
Community Member

FWSM vulnerability question

Hi all

I have faced an issue with the FWSM: it suddenly stopped forwarding traffic while making a capture for ICMP traffic on a newly created interface, and the module had to be reloaded.

Before reloading the module, an error appeared when trying to apply any command in the firewall module:

np_wr_fp_interface_stats failed
np_wr_fp_interface_stats failed Interface stats query failed.


I tried to search for that error and found that a vulnerability exists in the Cisco Firewall Services Module (FWSM) for the Catalyst 6500 Series Switches and Cisco 7600 Series Routers. The vulnerability may cause the FWSM to stop forwarding traffic and may be triggered while processing multiple, crafted ICMP messages.

http://www.cisco.com/warp/public/707/cisco-sa-20090819-fwsm.shtml


I need to know what is meant by a crafted ICMP message?


Regards

1 REPLY
Cisco Employee

Re: FWSM vulnerability question

Crafted ICMP messages means ICMP packets that have a specific pattern in them. It is a very rare occasion.

Your symptoms do not clearly point to that defect.

There could be multiple issues that could relate with the problem and if you don't have more data it is hard to track.

The "np_wr_fp_interface_stats" errors do not correlate with the defect you mentioned though. A reset of the blade should make these logs disappear.

I hope it helps.

PK
