Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2015.2771 Cisco AsyncOS TCP Flood Denial of Service Vulnerability 5 November 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco Email Security Appliance Cisco Content Security Management Appliance Cisco Web Security Appliance Publisher: Cisco Systems Operating System: Cisco Impact/Access: Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2015-6321 Original Bulletin: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-aos - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability Advisory ID: cisco-sa-20151104-aos Revision 1.0 For Public Release 2015 November 4 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= A vulnerability in the network stack of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust all available memory, preventing the affected device from accepting new TCP connections. The vulnerability is due to improper handling of TCP packets sent at a high rate. An attacker could exploit this vulnerability by sending crafted TCP packets to the affected system. Note: A full device reload is needed to recover the system to an operational state. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-aos - -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWOhO3AAoJEIpI1I6i1Mx35gEP/ApOJvVZ6wEgWYYdBEAfPXwu tvZeIqc24MN6OunHtGHgVpiRAINAz6uecaupVTFeOcowJERky2xUTkSfItfM6WiO 85wga7OyA5n+JPw/WNDiMGi05DmqYa3Ut/IAQbn5rFxU61rLlgOBOe+YoaDFBwCJ /d3FLr70/tyqkGTgXCNWUh/Ukb+1k4UMqaJo+rWT1nM93r2ImD0RVJe+NYIb0JhL acXXbPQMqIgtXszi1Hvq8j22OdBZqPTrfiStvJ3vk2uVQlcsXom4uPhk+RmOQZ6l 3+gmV1tZvA4fXqjM3gnMnMlej51VRR4rRsGNuwr4sp9diHONyTnqFHHCGUA/ehei l8fARGSsEd2S4PjnQiMmdPtgYaGCpJRMOIunN0fYCjzxqdwPsLeqzhELbTq8HiFy jTL+RWnaPQUgnfh0LIJ58J6DrzTvWQdHbLtfaJFR4ZSUH9M9xF6oqAJIIb4hxJfv wT0TOQDqijeRc3sTtQGa3Xwhuk7tds86ZYENf+T4YLpnqHtUDV+cIFC7zussWsp4 K60rCM1ek4/s3Vd+t9Muq1F5iTxhUSkpxB5QwwbC2I5BjLkTQweqX+lpu3RVumht 1is3TvabnA6FkUUSJTJRQ040FE+W1GbXGDuX3ba1gPlHGETifC6UXirLaKJce3lj RSEUihVYR0uVFt4EtSoh =VX2W - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVjrhvH6ZAP0PgtI9AQIQ6w//VxkakxWmzQVjAfGlfTK4kjYIJYf3OFPk gMs58canFTYHDs7VylRg211j3rnBwfM9TlWuLlP7BIVGFK3JmHvSQG0W84fFxIrz hejGemR9/REv1WA0mZz0GDMv29tZWphrouNqutUGNyJAJkRAnJ2IvtKNH+RqlKeM UwF6TCh/taHoKJ9EYsWf9jc+7KKEQa1h7QQTh/Pcmd0Dlq2FhKywrAvgxjMIM53u lTXZsP1hsCCVmX97xe8nV1u/Scmi02WCjlxXidmYM7tIxWU8JXebY+4R2zQkfMEs SJKeXzFwt3YcIa9P1Mer2TLUh0HoGRjut11N+KatKzPjqzUZ+kVjTbacEezIZbQU E83YbSDddR8n1Y+W53BQmFragDY1/zLVSSkqL/DzRveLRRiwyFAu8a95XDW1lmvH c1JNs6jnCv2ltsZ6b79sZQpM7RDrdDLZeM/VEZYSS/qEz+2lav4m9DNBpdnIuiz4 C1f4+JVpcWqEmrQqtRJVKP9VmWeaeB1WMdgY84lVX0Sqy2a0E8jLtUgpmPd5Vqwr 8ftp2tYe3G4DyohwGfBSlK70ErhyTwGhpq8iLe0VYLZIwOC61+6rHLyMShpJ9Dm0 yqWua5njzyW5h2bQlYUlT1l0dlP52TFVmV6dusCmGTDmUPwO8wfBIXZyLS1l+4Ic +Wux6D4hY9E= =WBPD -----END PGP SIGNATURE-----