Cisco Email Security Appliance ZIP File Filter Bypass

According to its self-reported version, the Cisco AsyncOS running on the remote Cisco Email Security ESA appliance is affected by a security bypass vulnerability in which the ZIP inspection engine of AsyncOS does not properly analyze files, thus allowing a remote, unauthenticated attacker to...

CVE-2014-3381

The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance ESA does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934...

Authentication flaw

The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance ESA does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934...

CVE-2014-3381

CVE-2014-3381 affects Cisco AsyncOS ZIP filtering on Cisco Email Security Appliance (ESA) version 8.5 and earlier, where the ZIP inspection engine does not properly analyze ZIP archives, enabling a remote attacker to bypass malware filtering by delivering a crafted ZIP file. The root cause is imp...

CVE-2014-3381

The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance ESA does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934...