[c-nsp] Cisco Security Advisory: Cisco Email Security Appliance Email Scanner Denial of Service Vulnerability

Cisco Systems Product Security Incident Response Team psirt at cisco.com
Wed Nov 4 11:06:11 EST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Email Security Appliance Email Scanner Denial of Service Vulnerability

Advisory ID: cisco-sa-20151104-esa2

Revision 1.0

For Public Release 2015 November 4 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the email message filtering feature of Cisco AsyncOS 
for Cisco Email Security Appliance (ESA) could allow an unauthenticated, 
remote attacker to cause an ESA device to become unavailable due to a 
denial of service (DoS) condition.

The vulnerability is due to improper input validation when an email 
attachment contains corrupted fields and is filtered by the ESA. An 
attacker could exploit this vulnerability by sending a crafted email 
with an attachment to the ESA. A successful exploit could allow the 
attacker to cause a DoS condition. While the attachment is being
filtered, memory is consumed at at high rate until the filtering 
process restarts. When the process restarts, it will resume processing 
the same malformed attachment and the DoS condition will continue. 
Cisco has released software updates that address this vulnerability. 
There are no workarounds that mitigate this vulnerability.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-esa2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVjU+vYpI1I6i1Mx3AQI3Lg//UM5v2fIxL1lNXJ+jL4Gt90DoB2nATquF
YWyBxvmEzoVEy8v4YlL9TP09lc/jZEVhVTP4GbK8nplCrNP/Ah+NOfXzTF7bt/er
ye+WWLIOex8W6+YAalLheIhAosCCGCJLQ4nwsTCSymYqBBI6QOEJYgoLxSwUOvVs
zjM+UOA8pLnRiyTHpgWtsj/sLUUZ5IItM9/RrfZ34lMlRXlydJFObGlT5fsUcWxg
YWAja2jNqp2mUv0Q6MabOku23SW7tBCIkYF2VYVaZ11Sf0gFMqBeNHnRk0pz56Ok
8lzpZSXjl+wZV8UtTyZksTkrXSUYzu5OmkDHaC3QOlcJmAm1rLIE+F6PSdh0hDuI
1yfivRv8JsKZO18IN86lZLYR7ath76WqWLiQzy6/VSfkfBWBdFRE8dzObN7jzt/V
rKHlI30AbA38HqkI+H3DwTLPlGABXN43kk6H+Bg8eUPKuH+7hUZfZL5J7qlM7xIe
J5mNiHW2dQz2/2N6fhxjtkfr0bbl6jztLGlXh+Z6iJmAEcxUStTqlm18rHQ3aL34
rGif+IDd0eCHUQtm1eEXiO4v3paKHE0VDko6gSd3fojLQ1HDN3Wf4PovfOYGphRI
x4vy5cK3gqK55OkZMuhoRz1F10njVfwA1wdvsw7SSiZ2NHsR8BRa454Fr5DTiM5k
LvbY0kRKk88=
=gFEa
-----END PGP SIGNATURE-----


More information about the cisco-nsp mailing list