 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.105350 |
| Categoría: | CISCO |
| Título: | Cisco Web Security Appliance DNS Resolution Vulnerability |
| Resumen: | Cisco Web Security Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. |
| Descripción: | Summary: Cisco Web Security Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. Vulnerability Insight: The vulnerability is due to the handling of DNS requests awaiting a DNS response when new, incoming DNS requests are received. An attacker could exploit this vulnerability by sending TCP proxy traffic to the WSA at a high rate. An exploit could allow the attacker to cause a partial DoS condition because DNS name resolution fails, which results in the client receiving a HTTP 503 'Service Unavailable' error. Vulnerability Impact: An unauthenticated, remote attacker could exploit this vulnerability to cause a DoS condition due to DNS name resolution failure through the affected device. This could result in the client receiving an HTTP 'Service Unavailable' error. Affected Software/OS: Cisco WSA versions 8.0.6-078 and 8.0.6-115 are vulnerable. Solution: Updates are available. Please see the vendor advisory for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-6287 BugTraq ID: 76677 http://www.securityfocus.com/bid/76677 Cisco Security Advisory: 20150909 Cisco Web Security Appliance DNS Resolution Vulnerability http://tools.cisco.com/security/center/viewAlert.x?alertId=40846 http://www.securitytracker.com/id/1033529 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |