[c-nsp] Cisco Security Advisory: Cisco Email Security Appliance Advanced Malware Protection Attachment Scanning Denial of Service Vulnerability
Cisco Systems Product Security Incident Response Team
psirt at cisco.com
Wed Oct 26 12:06:17 EDT 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Email Security Appliance Advanced Malware Protection Attachment Scanning Denial of Service Vulnerability
Advisory ID: cisco-sa-20161026-esa2
Revision 1.0
For Public Release 2016 October 26 16:00 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition.
The vulnerability is due to improper handling of UU-encoded files that are attached to an email message. An attacker could exploit this vulnerability by sending a crafted email message with a UU-encoded file attachment through an affected device. The scanning of the attachment could cause the mail handling process of the affected software to restart, resulting in a DoS condition. After the mail handling process restarts, the software resumes scanning for the same attachment, which could cause the mail handling process to restart again. A successful exploit could allow the attacker to cause a repeated DoS condition.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)
iQIVAwUBWAef8K89gD3EAJB5AQJmjhAArJx4+FUbQwa+YUwSBBgQN3NWEAXD0VdZ
5gl9ig/7Y5AST/OrhAfhTVL94/8O/0FECeXqlmRc9qrAJ6ouR3GcvIhd0kOYTmeR
Pxj+v0XyBJlp1qzvgy97jM+hSXoT/8MPcdAzVBlTtI2pFOnkgAPWGuKr/nbR7AkD
gRns2NRPlXTZnyo5LpxXR/JLo0+RpTOFPpuZNZYSLf0uOVimfrR+OLssCnzIZFdu
8P2k3XMU7oa6QA/EIruayFqBOaIWjjLvcyNPPehUU3Ye3g1tR86qU6Ik/E4VTSDB
ufxg/GtbafCkYqa6TEeWWQRyNUUDzo8rKjFz+HY5yuKEaT6IH9dpPndj8N/LQO93
R58OABHlpQdlDynSPSInMzK+PkEX3R8+HmViVmcVKYmm847uExkcYJljKoPEE6iB
b90VJ4Ey8KThCKNCNDF5c27cv5Yl8RnhZBCl2glVY0jNoBsAPO8xHwxd+MZBCspx
YldjHeBNZpWGx0ZN8OX/qY33nEC9DOKdGshmYt8xA+BIhlAfGeHGNZft9U4cXdYm
/ZwTNc8e3ujzaR/o9T+G9LngBWKyMJ6JP9ydhnsh3kZJN3BH8ZdoxS3YUd3asdpB
9PTgpMqd4fk3W8KIQthmi3Mm7grihw/Bz+PKfFxQNvPW6KIcAqS/A0m0sminPHXK
K7VNsuZha80=
=wtS3
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list