736 matches found
CVE-2016-1288
CVE-2016-1288 affects Cisco Web Security Appliance (WSA) via the HTTPS Proxy/HTTPS packet handling. Cisco AsyncOS prior to 8.5.3-051 and 9.x prior to 9.0.0-485 are vulnerable to a DoS when an unauthenticated remote attacker sends a malformed HTTPS request, causing service outages. The issue stems...
CVE-2016-1288
The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service service outage by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840...
Cisco Web Security Appliance Denial of Service Vulnerability
The Cisco Web Security Appliance is a network security appliance from Cisco. A security vulnerability exists in the proxy cache feature of Cisco AsyncOS in the Cisco WSA Appliance. As the program fails to handle memory properly. A remote attacker could exploit this vulnerability to cause a denial...
Cisco Email Security Appliance (ESA) Detection Consolidation
Consolidation of Cisco Email Security Appliance ESA detections. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cisco AsyncOS denial of service vulnerability(CVE-2 0 1 5-6 2 9 1)-vulnerability warning-the black bar safety net
CVECAN ID: CVE-2 0 1 5-6 2 9 1 The Cisco AsyncOS operating system is you can upgrade the Cisco email security appliance security and performance. ESA equipment, the Cisco AsyncOS 8.5.7-0 4 3 prior to version 9. x-9.1.1-0 2 3, 9.5. x, 9.6. x-9.6.0-0 4 6 version, the message filter configuration of...
Cisco AsyncOS Denial of Service Vulnerability (CNVD-2015-07404)
The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. There is a security vulnerability in the Cisco AsyncOS f network stack. a remote attacker sends a large number of TCP packets that consume system memory and perform a...
Cisco AsyncOS Denial of Service Vulnerability (CNVD-2015-07403)
The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. Cisco AsyncOS message filters are configured with a variety of rules that incorrectly process malformed fields. a remote attacker can construct attachments to special messag...
Cisco AsyncOS Denial of Service Vulnerability (CNVD-2015-07405)
The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. A security vulnerability in the Cisco AsyncOS file-range request feature allows a remote attacker to submit multiple file-range requests, consume system memory, and conduct...
CVE-2015-6298
The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote authenticated users to obtain root privileges via crafted certificate-generation...
CVE-2015-6292
The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via multiple prox...
Design/Logic Flaw
The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via multiple prox...
Design/Logic Flaw
The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote authenticated users to obtain root privileges via crafted certificate-generation...
CVE-2015-6292
The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via multiple prox...
CVE-2015-6292
Cisco AsyncOS on Web Security Appliance (WSA) is affected by CVE-2015-6292 due to a proxy-cache memory handling fault. The vulnerability allows unauthenticated remote attackers to cause memory exhaustion and DoS by opening multiple proxy connections; versions affected include 8.0.x before 8.0.7-1...
CVE-2015-6298
The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote authenticated users to obtain root privileges via crafted certificate-generation...
CVE-2015-6298
The CVE-2015-6298 issue concerns Cisco AsyncOS for Web Security Appliance (WSA) and Cisco Web Security Appliance admin web interface. Affected AsyncOS versions include 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085. The root...
CVE-2015-6321
Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance ESA devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance SMA devices; and before 7.7.0-7...
CVE-2015-6291
Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email Security Appliance ESA devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-match, and...
Design/Logic Flaw
Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email Security Appliance ESA devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-match, and...
Code injection
Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via multiple file-range requests, aka Bug ID CSCur391...