===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.1883
    Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability
                              20 October 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Web Security Appliance (WSA)
                   Cisco Email Security Appliance (ESA)
                   Cisco Content Security Management Appliance (SMA)
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Administrator Compromise -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2011-4862

Reference:         ESB-2012.0333.2
                   ESB-2012.0093
                   ESB-2012.0009
                   ESB-2012.0006
                   ESB-2012.0005
                   ESB-2012.0003
                   ESB-2012.0002
                   ESB-2012.0001

Original Bulletin:
   http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

Comment: The Cisco Product Security Incident Response Team (PSIRT) is aware
         of exploit modules for the Metasploit Framework that can exploit
         this vulnerability on affected Cisco AsyncOS Software versions.

--------------------------BEGIN INCLUDED TEXT--------------------

Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code
Execution Vulnerability

Advisory ID: cisco-sa-20120126-ironport

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

Revision 2.0

Last Updated 2014 October 16 13:40 UTC (GMT)

For Public Release 2012 January 26 17:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), Cisco Email
Security Appliance (ESA), and Cisco Content Security Management Appliance
(SMA) contains a vulnerability that may allow a remote, unauthenticated
attacker to execute arbitrary code with elevated privileges.

Cisco has released free software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are available.

Note: This security advisory has been updated to include important
information about Cisco WSA.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.
The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================