Boletines de Vulnerabilidades

Cisco Email Security Appliance Max Files Denial of Service Vulnerability

Información sobre el sistema
   
Software afectado Cisco

Descripción
A vulnerability in file descriptor handling of the Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition due to the affected device unexpectedly reloading.The vulnerability is due to failure to release file descriptors when the requested file action is completed. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to cause a

More info:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150930-CVE-2015-6309?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Email%20Security%20Appliance%20Max%20Files%20Denial%20of%20S

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-10-08

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT