Executive Summary
| Summary | |
|---|---|
| Title | Cisco Email Security Appliance Advanced Malware Protection Attachment Scanning Denial of Service Vulnerability |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20161026-esa2 | First vendor Publication | 2016-10-26 |
| Vendor | Cisco | Last vendor Modification | 2016-10-26 |
| Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. The vulnerability is due to improper handling of UU-encoded files that are attached to an email message. An attacker could exploit this vulnerability by sending a crafted email message with a UU-encoded file attachment through an affected device. The scanning of the attachment could cause the mail handling process of the affected software to restart, resulting in a DoS condition. After the mail handling process restarts, the software resumes scanning for the same attachment, which could cause the mail handling process to restart again. A successful exploit could allow the attacker to cause a repeated DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2 BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS) iQIVAwUBWAef8K89gD3EAJB5AQJmjhAArJx4+FUbQwa+YUwSBBgQN3NWEAXD0VdZ 5gl9ig/7Y5AST/OrhAfhTVL94/8O/0FECeXqlmRc9qrAJ6ouR3GcvIhd0kOYTmeR Pxj+v0XyBJlp1qzvgy97jM+hSXoT/8MPcdAzVBlTtI2pFOnkgAPWGuKr/nbR7AkD gRns2NRPlXTZnyo5LpxXR/JLo0+RpTOFPpuZNZYSLf0uOVimfrR+OLssCnzIZFdu 8P2k3XMU7oa6QA/EIruayFqBOaIWjjLvcyNPPehUU3Ye3g1tR86qU6Ik/E4VTSDB ufxg/GtbafCkYqa6TEeWWQRyNUUDzo8rKjFz+HY5yuKEaT6IH9dpPndj8N/LQO93 R58OABHlpQdlDynSPSInMzK+PkEX3R8+HmViVmcVKYmm847uExkcYJljKoPEE6iB b90VJ4Ey8KThCKNCNDF5c27cv5Yl8RnhZBCl2glVY0jNoBsAPO8xHwxd+MZBCspx YldjHeBNZpWGx0ZN8OX/qY33nEC9DOKdGshmYt8xA+BIhlAfGeHGNZft9U4cXdYm /ZwTNc8e3ujzaR/o9T+G9LngBWKyMJ6JP9ydhnsh3kZJN3BH8ZdoxS3YUd3asdpB 9PTgpMqd4fk3W8KIQthmi3Mm7grihw/Bz+PKfFxQNvPW6KIcAqS/A0m0sminPHXK K7VNsuZha80= =wtS3 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
| Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-19 | Data Handling |
CPE : Common Platform Enumeration
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-10-27 | Cisco ESA uuencode attachment processing exception denial of service attempt RuleID : 40554 - Revision : 1 - Type : SERVER-OTHER |
| 2016-10-27 | Cisco ESA uuencode attachment processing exception denial of service attempt RuleID : 40553 - Revision : 1 - Type : SERVER-OTHER |
Alert History
| Date | Informations |
|---|---|
| 2016-10-29 00:25:21 |
|
| 2016-10-26 21:21:12 |
|
