lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <201603021202.6.wsa@psirt.cisco.com>
Date: Wed,  2 Mar 2016 12:02:53 -0500
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability

Advisory ID: cisco-sa-20160302-wsa

Revision 1.0

Published: 2016 March 2 16:00  GMT
+---------------------------------------------------------------------

Summary
=======

A vulnerability in the web proxy framework of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker with the ability to negotiate a secure connection from within the trusted network to cause a denial of service (DoS) condition on the affected device.
 
The vulnerability is due to incorrect processing of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS request packet through the affected device. A successful exploit could allow an attacker to create a DoS condition, causing all requests traversing the WSA to be dropped. The condition is temporary and no manual intervention is required to restore functionality.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-wsa
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJW1xjZAAoJEK89gD3EAJB5qt0QAOMm2cWsVxNKWQul+HYxzATd
KI82WfeAgoBxDMXsC1GcpnAwPEbOQMNW2lz9fg/M5dNoEKQjnsHm2pXQIj8OlT8D
AYw3PmLac/Hs0EWz9G7b6MeuyyHcKTlLRNtg+K/wnX4Z5sqXe/p3cBJixmFbJZjC
mkRXpIZrt9XjLZDBi89PQPzIDkJ5oDB7S+oWR/H9QBYyy3d723Fb6tRwzNvKCpLx
IoYLVM8xV9Q+xTSJcPCrbER8wPZDm163SwTxkRs2RpY5uVswQKwJuyOzNUnQbcvX
9syjzPWE9WK8LZcy0fnz2n55Te1pcjDWadoftu+ZuOCiQHsAdmhhjSOuUZdCON2Z
oF0q0Hd5rN9mB6TG4zIUGAsrwNWAJ4XKeWxJVyhIsuBIlAzFsDGRIMurRy+N97xS
ZbfQ2yD27Ktm2E8aO1yqAerPEi8KQWfrOdvSxKWnxB0b4SmK729DPBOMk77O1JB6
StGeVtS6yp/PazvRAG7VPqgwneAbkxDOJNcNT966hjUcmgJGiURtWkpWd3RTUFh8
vjC2ei8eM3jJ2novh6XcQmRh9Z9i5h6BYQkNqs3K5egM/H6G3N36Ksk+L/cdCOdG
EF1iST+L6pX2H51mmMufGfJg/sZNBRF4LL3zGTDxat8RLpwISzypRxQwLemZYC20
GEO5+YGIotDsyPcoQ3HL
=aqwj
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ