[c-nsp] Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities

Cisco Systems Product Security Incident Response Team psirt at cisco.com
Thu Nov 8 22:15:25 EST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities

Advisory ID: cisco-sa-20121108-sophos

Revision 1.0

For Public Release 2012 November 9 03:00  UTC (GMT)
- ----------------------------------------------------------------------

Summary
=======

Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Web
Security Appliances (WSA) include versions of Sophos Anti-Virus that
contain multiple vulnerabilities that could allow an unauthenticated,
remote attacker to gain control of the system, escalate privileges, or
cause a denial-of-service (DoS) condition. An attacker could exploit
these vulnerabilities by sending malformed files to an appliance that
is running Sophos Anti-Virus. The malformed files could cause the
Sophos antivirus engine to behave unexpectedly.

As updates that address these vulnerabilities become available from
Sophos, Cisco is working to qualify and automatically provision them
through the Cisco Ironport ESA and WSA platforms.

A workaround that mitigates these vulnerabilities is available. This
advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121108-sophos 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org

iF4EAREIAAYFAlCcc5kACgkQUddfH3/BbToP4gD9EAi0HThOKyN0FiypwUcOmL8Y
b99aEPPaiqLIhNwifncA/2ijY0H+wz0TPPBbTywNoXjlgor+1AZqzzIXEOEndiMf
=6YeL
-----END PGP SIGNATURE-----


More information about the cisco-nsp mailing list