Vigil@nce - Cisco AsyncOS: ZIP not blocked
October 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can create a malicious ZIP archive, which is not
blocked by Cisco AsyncOS on Cisco Email Security Appliance, in
order to infect the destination victim computer.
Impacted products: AsyncOS, Cisco ESA
Severity: 2/4
Creation date: 14/10/2014
DESCRIPTION OF THE VULNERABILITY
The Cisco AsyncOS product inspects ZIP archives searching for
malware.
However, if the ZIP archive is specially formed, AsyncOS does not
recognize the malware.
An attacker can therefore create a malicious ZIP archive, which is
not blocked by Cisco AsyncOS on Cisco Email Security Appliance, in
order to infect the destination victim computer.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-AsyncOS-ZIP-not-blocked-15466