Test Kennung:	1.3.6.1.4.1.25623.1.0.105350
Kategorie:	CISCO
Titel:	Cisco Web Security Appliance DNS Resolution Vulnerability
Zusammenfassung:	Cisco Web Security Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition.
Beschreibung:	Summary: Cisco Web Security Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. Vulnerability Insight: The vulnerability is due to the handling of DNS requests awaiting a DNS response when new, incoming DNS requests are received. An attacker could exploit this vulnerability by sending TCP proxy traffic to the WSA at a high rate. An exploit could allow the attacker to cause a partial DoS condition because DNS name resolution fails, which results in the client receiving a HTTP 503 'Service Unavailable' error. Vulnerability Impact: An unauthenticated, remote attacker could exploit this vulnerability to cause a DoS condition due to DNS name resolution failure through the affected device. This could result in the client receiving an HTTP 'Service Unavailable' error. Affected Software/OS: Cisco WSA versions 8.0.6-078 and 8.0.6-115 are vulnerable. Solution: Updates are available. Please see the vendor advisory for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6287 BugTraq ID: 76677 http://www.securityfocus.com/bid/76677 Cisco Security Advisory: 20150909 Cisco Web Security Appliance DNS Resolution Vulnerability http://tools.cisco.com/security/center/viewAlert.x?alertId=40846 http://www.securitytracker.com/id/1033529
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.