lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 19 Mar 2014 12:11:51 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco AsyncOS Software Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco AsyncOS Software Code Execution Vulnerability

Advisory ID: cisco-sa-20140319-asyncos

Revision 1.0

For Public Release 2014 March 19 16:00  UTC (GMT)

Summary
=======

Cisco AsyncOS Software for Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) contain a vulnerability that could allow an authenticated remote attacker to execute arbitrary code with the privileges of the root user.

Cisco has released free software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140319-asyncos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTKb4hAAoJEIpI1I6i1Mx35cMP/0ljzKTeBLaUxTB6AKLpxOuF
Y3VMZDN/qb5VTUbZ4aiEbN24xkIgtTJnR9kXG4qOQLRX1goJuNJ2nMaX9pCm2k9v
hxgIAZaKT1HAyQgculAeAUxXvYAUC1kQKXRpBUWDdsu0vtBo4eN+y8OucjIXxOOH
3d3mXWmxyzMQBtD+HTmwLR+J4qqSePJ0WIrm9m11oj5GN2DRAVKWZ/e7il9X4gwh
Ivx6w5MS1l11DhF6l+uXl9J9cRd5QjF0aytUkfnYO/VNr8HWgGObQL/sLkWx6PJ7
s6heSPwDCSfRioHBORbX3b8uncS0A868vE+GH1IEgpLnHeUbDcdvQg1pMHkNEGE4
pxIOueLAifV0/sNQuTYBhvVKz5Hub4Hxy/oRFg+kxrgZmC9acsYDyjDZQjwaImCC
q4MXkm6ZqaEdZsjuTrYloD3jk8kb6gD7wPq9mhOas8hisbg0Ahc0TGWtH4Lg/Mh8
UupyGSHMmjXHGgbyI1PUINy64KiCJ3rqSucbxSDHZyZmVKx1BWG1s2asvFoExZSI
ThPol4FEJDBiQ+YIpxtDUhF/R+nCPSPb+9+QnsnPcyHjYfCbBjDC1Ym38hrRUgnt
PHiaa9THdLd/cCnJmkRV6BzkqZIoTsUJxKfQA9u+KjW8OdlBthet2WaAhTcEqHdU
RpiqMIrhjhVpenDg+sze
=42JL
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ