Cisco Web Security Appliance Range Request Denial of Service Vulnerability

2015-11-04T16:00:00
ID CISCO-SA-20151104-WSA2
Type cisco
Reporter Cisco
Modified 2015-11-20T17:48:38

Description

A vulnerability in the file range request functionality of the Cisco AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a complete denial of service (DoS) condition on the device because it runs out of system memory.

The vulnerability is due to the failure to free memory when a file range is requested through the WSA. An attacker could exploit this vulnerability by opening many connections which request file ranges through the WSA. An exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed.

A vulnerability in the file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory.

The vulnerability is due to a failure to free memory when a file range is requested through the Cisco WSA. An attacker could exploit this vulnerability by opening multiple connections that request file ranges through the WSA. A successful exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed.

Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is also available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa2["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa2"]