copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2016.0199 - [Cisco] Cisco Wide Area Application Service: Denial of service - Remote/unauthenticated

Date: 28 January 2016

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0199
        Cisco Wide Area Application Service CIFS DoS Vulnerability
                              28 January 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Wide Area Application Service
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-6421  

Original Bulletin: 
   http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Wide Area Application Service CIFS Denial of Service Vulnerability

Advisory ID: cisco-sa-20160127-waascifs

Revision 1.0

For Public Release 2016 January 27 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the Common Internet File System (CIFS) optimization 
feature of the Cisco Wide Area Application Service (WAAS) device could 
allow an unauthenticated, remote attacker to perform a resource
consumption attack which, could result in a complete denial of service 
(DoS) condition.
 
The vulnerability is due to insufficient flow handling of incoming CIFS 
traffic. An attacker could exploit this vulnerability by sending
malicious traffic designed to trigger the vulnerability. An exploit
could allow the attacker to cause a DoS condition by exhausting system 
buffering resources, resulting in a reload of the affected device.


This advisory is available at the following link: 

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVqfRmq89gD3EAJB5AQJDDxAAn8gJTfbn8TEzTYDMNETTOy3xObGLUA6f
70wnslFvQz4hgV4J9Op6PC54PtEyuu9DE2w2cS2QfOGmIUN1zH1+/C7HSRCaS5xc
nYftgXwI/aW4bay9mUDi5ONiz/6akZrSQ9uJhsTvs+UWe0UmMy1UTeOUj738P8g4
pwjaMgSWoxp5uyHGfGg3fs5ZUIajb/VbpMMV55p3J267W/Hbq6JPOp7VkZ6IAF6p
q47BjgWzPLtTOTzlEce5U/QRrHD3nSCMp3o6jZEupJV+oX6UlrjFIEz/rYunlFDp
wzOsvl3qgzK4Nk9x3obmBbVCbYqJoRgEC8RBOHAFfs8cOrT3tKSTYhGdnfxt2+Nw
NbEV/6QoMDb6fQA45hTbL5wQxm4ZRkghMhynnfK4mZF6be/vySa5rywAOrTXmeqf
h2P7QxxcH2AW64nx8EN2sPnKQNVckwp6aOtAYAKsZGU3ig5OCNu6BzggVyvSrFHw
oD5UffKaWcmsKq7c+y3G8eyNep0wlmjZsai/TlrpKPMWyr5Tu/xD0SavJJXtu/o8
B+BF8xG8Fft60gE1hD6aWCYOna0MGYx6ElFIBxnOs69f7DREpvuEFunyUsrV0kL4
5+Zh1pL+G2thymron/FLZl98itQInoHhXCFlkjg3fz5CL/rZbeEkXNXDbK/Dh8ii
dc5T22b+OmA=
=76fK
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVqlzjX6ZAP0PgtI9AQJt3RAAzu1gfbKkuMdi+ZqNSZyboqGSMr4xcLjE
9S5fRi1yRwi7TKoGD0iDHaMMhwPfNxjxoeafGYuOk3TecAMT55MBPyiwpFaAoDsX
Z/T4rw9q7UU7OxVfI9CTRKwWyo5Be3WWwUKjX8eeaUPe6/jPlEQsHb6TqhCTzP4n
t67p8dEun1O8j7Z6wh2HRcYja6nJR5r3IfgbCWvoCY/YcPktZePta1tsNW/0TURj
ZNX1Q+KsX4dUWIp/9UjCc2E4u7fD6xgN0p47KcSbq5a9Wv1nwBeIkPycNYRO6hS6
ATlS0lsp/pW1PCd4rhD6LOmjmPkbPs1zXLHHzAhoP40aEFeBo1wy7v8mu3H+sySG
nS3ww2uSCsHlenhPCnPZAt/Dl9AnY5pJDMoeai6i3Crs+BwEGO7kiQfv7aXj0h1o
9O5UqGXOsml36o74B3J27O8GgjQuZqfXcbq4LS6G1WV6A0Qk5chVOqoCkDIKDqx/
+cuWamX/pREHnMYppIFqZ7mkdIyAFGdDSR41VgWn6lg6+jd6pQ4OSjk52QmaHuix
ENIuINv/YfKK2H25z9FHGXRtGZrgfgfm3ktMipdsHBlAPuVFiJOgYZ6Kvzn7jNyv
sqIzCV7mtS4sg/0mnaWuMKK6P89tsTITF8becwmgeSr5QmFM5fgS00E93p9zSWOn
iuc7njppQ9k=
=JAn0
-----END PGP SIGNATURE-----