| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Jan 2016 11:16:46 -0500 From: Cisco Systems Product Security Incident Response Team <psirt@...co.com> To: bugtraq@...urityfocus.com Cc: psirt@...co.com Subject: Cisco Security Advisory: Cisco Wide Area Application Service CIFS DoS Vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Wide Area Application Service CIFS Denial of Service Vulnerability Advisory ID: cisco-sa-20160127-waascifs Revision 1.0 For Public Release 2016 January 27 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= A vulnerability in the Common Internet File System (CIFS) optimization feature of the Cisco Wide Area Application Service (WAAS) device could allow an unauthenticated, remote attacker to perform a resource consumption attack which, could result in a complete denial of service (DoS) condition. The vulnerability is due to insufficient flow handling of incoming CIFS traffic. An attacker could exploit this vulnerability by sending malicious traffic designed to trigger the vulnerability. An exploit could allow the attacker to cause a DoS condition by exhausting system buffering resources, resulting in a reload of the affected device. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVqfRmq89gD3EAJB5AQJDDxAAn8gJTfbn8TEzTYDMNETTOy3xObGLUA6f 70wnslFvQz4hgV4J9Op6PC54PtEyuu9DE2w2cS2QfOGmIUN1zH1+/C7HSRCaS5xc nYftgXwI/aW4bay9mUDi5ONiz/6akZrSQ9uJhsTvs+UWe0UmMy1UTeOUj738P8g4 pwjaMgSWoxp5uyHGfGg3fs5ZUIajb/VbpMMV55p3J267W/Hbq6JPOp7VkZ6IAF6p q47BjgWzPLtTOTzlEce5U/QRrHD3nSCMp3o6jZEupJV+oX6UlrjFIEz/rYunlFDp wzOsvl3qgzK4Nk9x3obmBbVCbYqJoRgEC8RBOHAFfs8cOrT3tKSTYhGdnfxt2+Nw NbEV/6QoMDb6fQA45hTbL5wQxm4ZRkghMhynnfK4mZF6be/vySa5rywAOrTXmeqf h2P7QxxcH2AW64nx8EN2sPnKQNVckwp6aOtAYAKsZGU3ig5OCNu6BzggVyvSrFHw oD5UffKaWcmsKq7c+y3G8eyNep0wlmjZsai/TlrpKPMWyr5Tu/xD0SavJJXtu/o8 B+BF8xG8Fft60gE1hD6aWCYOna0MGYx6ElFIBxnOs69f7DREpvuEFunyUsrV0kL4 5+Zh1pL+G2thymron/FLZl98itQInoHhXCFlkjg3fz5CL/rZbeEkXNXDbK/Dh8ii dc5T22b+OmA= =76fK -----END PGP SIGNATURE-----
Powered by blists - more mailing lists