lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <201511041102.6.aos@psirt.cisco.com>
Date: Wed,  4 Nov 2015 11:02:56 -0500
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability

Advisory ID: cisco-sa-20151104-aos

Revision 1.0

For Public Release 2015 November 4 16:00  UTC (GMT)

+---------------------------------------------------------------------

Summary
=======
A vulnerability in the network stack of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust all available memory, preventing the affected device from accepting new TCP connections.

The vulnerability is due to improper handling of TCP packets sent at a high rate. An attacker could exploit this vulnerability by sending crafted TCP packets to the affected system.

Note: A full device reload is needed to recover the system to an operational state.

Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-aos






-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJWOhO3AAoJEIpI1I6i1Mx35gEP/ApOJvVZ6wEgWYYdBEAfPXwu
tvZeIqc24MN6OunHtGHgVpiRAINAz6uecaupVTFeOcowJERky2xUTkSfItfM6WiO
85wga7OyA5n+JPw/WNDiMGi05DmqYa3Ut/IAQbn5rFxU61rLlgOBOe+YoaDFBwCJ
/d3FLr70/tyqkGTgXCNWUh/Ukb+1k4UMqaJo+rWT1nM93r2ImD0RVJe+NYIb0JhL
acXXbPQMqIgtXszi1Hvq8j22OdBZqPTrfiStvJ3vk2uVQlcsXom4uPhk+RmOQZ6l
3+gmV1tZvA4fXqjM3gnMnMlej51VRR4rRsGNuwr4sp9diHONyTnqFHHCGUA/ehei
l8fARGSsEd2S4PjnQiMmdPtgYaGCpJRMOIunN0fYCjzxqdwPsLeqzhELbTq8HiFy
jTL+RWnaPQUgnfh0LIJ58J6DrzTvWQdHbLtfaJFR4ZSUH9M9xF6oqAJIIb4hxJfv
wT0TOQDqijeRc3sTtQGa3Xwhuk7tds86ZYENf+T4YLpnqHtUDV+cIFC7zussWsp4
K60rCM1ek4/s3Vd+t9Muq1F5iTxhUSkpxB5QwwbC2I5BjLkTQweqX+lpu3RVumht
1is3TvabnA6FkUUSJTJRQ040FE+W1GbXGDuX3ba1gPlHGETifC6UXirLaKJce3lj
RSEUihVYR0uVFt4EtSoh
=VX2W
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ