Cisco AsyncOS for Email Security Appliances Software Remote Code Execution (CSCug79377)

According to its self-reported version and configuration, the Cisco AsyncOS running on the remote Cisco Email Security ESA appliance is affected by a remote code execution vulnerability in the Safelist/Blocklist SLBL function due to improper handling of SLBL database files. An authenticated, remo...

CVE-2014-2119

The End User Safelist/Blocklist aka SLBL service in Cisco AsyncOS Software for Email Security Appliance ESA before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance SMA before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrar...

Code injection

The End User Safelist/Blocklist aka SLBL service in Cisco AsyncOS Software for Email Security Appliance ESA before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance SMA before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrar...

CVE-2014-2119

The CVE-2014-2119 issue affects Cisco AsyncOS for Email Security Appliance (ESA) and Content Security Management Appliance (SMA). The End User Safelist/Blocklist (SLBL) service permits an authenticated remote user to execute arbitrary code with root privileges by uploading a modified SLBL databas...