Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Cisco Email Security Appliance: denial of service via Max Files

December 2015 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can send several thousands malicious queries to Cisco
Email Security Appliance, in order to use all descriptors, and to
trigger a denial of service.

 Impacted products: AsyncOS, Cisco ESA.
 Severity: 2/4.
 Creation date: 01/10/2015.

DESCRIPTION OF THE VULNERABILITY

The Cisco Email Security Appliance product offers a web service.

However, a special HTTP query triggers an error, and a file
descriptor is not closed.

An attacker can therefore send several thousands malicious queries
to Cisco Email Security Appliance, in order to use all
descriptors, and to trigger a denial of service.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Cisco-Email-Security-Appliance-denial-of-service-via-Max-Files-18012


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts