407 matches found
CVE-2016-1383
Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via an unspecified HTTP status code, aka Bug ID CSCur28305...
CVE-2016-1382
Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance WSA devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service proxy-process reload via a crafted request, aka Bug ID CSCuu02529...
CVE-2016-1380
Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service proxy-process hang via a crafted HTTP POST request, aka Bug ID CSCuo12171...
CVE-2016-1383
Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via an unspecified HTTP status code, aka Bug ID CSCur28305...
Cisco fixes high-risk network security equipment vulnerability-vulnerability warning-the black bar safety net
! These defects can be specially crafted HTTP request to use to cause a denial of service condition The Cisco system had been repaired four denial of service vulnerability these vulnerabilities can be exploited by attackers to cause network security devices to stop properly handle network traffic...
Cisco WSA Multiple Vulnerabilities 05/16
Cisco WSA Software is prone to multiple vulnerabilities. CVE-2016-1380 A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a denial of service DoS vulnerability due to the...
Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability
A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition when the proxy process unexpectedly restarts. The vulnerability occurs because the affected software does no...
Cisco Web Security Appliance Connection Denial of Service Vulnerability
A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance WSA when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an appliance because the appliance runs out of system memory. The...
CVE-2016-1288
The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service service outage by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840...
CVE-2016-1288
The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service service outage by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840...
Cisco Email Security Appliance (ESA) Detection Consolidation
Consolidation of Cisco Email Security Appliance ESA detections. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cisco AsyncOS Denial of Service Vulnerability (CNVD-2015-07404)
The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. There is a security vulnerability in the Cisco AsyncOS f network stack. a remote attacker sends a large number of TCP packets that consume system memory and perform a...
Cisco AsyncOS Denial of Service Vulnerability (CNVD-2015-07405)
The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. A security vulnerability in the Cisco AsyncOS file-range request feature allows a remote attacker to submit multiple file-range requests, consume system memory, and conduct...
Cisco AsyncOS Denial of Service Vulnerability (CNVD-2015-07403)
The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. Cisco AsyncOS message filters are configured with a variety of rules that incorrectly process malformed fields. a remote attacker can construct attachments to special messag...
CVE-2015-6298
The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote authenticated users to obtain root privileges via crafted certificate-generation...
CVE-2015-6292
The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via multiple prox...
Design/Logic Flaw
The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote authenticated users to obtain root privileges via crafted certificate-generation...
Design/Logic Flaw
The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via multiple prox...
CVE-2015-6321
Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance ESA devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance SMA devices; and before 7.7.0-7...
CVE-2015-6291
Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email Security Appliance ESA devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-match, and...