Vigil@nce - Cisco Email Security Appliance: denial of service via Max Files
December 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send several thousands malicious queries to Cisco
Email Security Appliance, in order to use all descriptors, and to
trigger a denial of service.
– Impacted products: AsyncOS, Cisco ESA.
– Severity: 2/4.
– Creation date: 01/10/2015.
DESCRIPTION OF THE VULNERABILITY
The Cisco Email Security Appliance product offers a web service.
However, a special HTTP query triggers an error, and a file
descriptor is not closed.
An attacker can therefore send several thousands malicious queries
to Cisco Email Security Appliance, in order to use all
descriptors, and to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN