===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.1883
   Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability
                              20 October 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Web Security Appliance (WSA)
                   Cisco Email Security Appliance (ESA)
                   Cisco Content Security Management Appliance (SMA)
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Administrator Compromise -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2011-4862  

Reference:         ESB-2012.0333.2
                   ESB-2012.0093
                   ESB-2012.0009
                   ESB-2012.0006
                   ESB-2012.0005
                   ESB-2012.0003
                   ESB-2012.0002
                   ESB-2012.0001

Original Bulletin: 
   http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

Comment: The Cisco Product Security Incident Response Team (PSIRT) is aware 
         of exploit modules for the Metasploit Framework that can exploit 
         this vulnerability on affected Cisco AsyncOS Software versions.

--------------------------BEGIN INCLUDED TEXT--------------------

Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20120126-ironport

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

Revision 2.0

Last Updated  2014 October 16 13:40  UTC (GMT)

For Public Release 2012 January 26 17:00  UTC (GMT) 

+---------------------------------------------------------------------

Summary
=======

Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), Cisco Email Security Appliance (ESA), and Cisco Content Security Management Appliance (SMA) contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges.

Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

Note: This security advisory has been updated to include important information about Cisco WSA.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

--------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================