CISCO : Cisco Web Security Appliance JAR Advanced Malware Protection DoS Vulnerability (cisco-sa-20161026-esawsa3)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.140022

Categoría: CISCO

Título: Cisco Web Security Appliance JAR Advanced Malware Protection DoS Vulnerability (cisco-sa-20161026-esawsa3)

Resumen: A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and; Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial; denial of service (DoS) condition due to the AMP process unexpectedly restarting.;; The vulnerability is due to improper validation of a Java Archive (JAR) file scanned when AMP is; configured. An attacker could exploit this vulnerability by crafting a JAR file, and attaching; this JAR file to an email that is then sent through the affected device. An exploit could allow; the attacker to cause the Cisco ESA and WSA AMP process to unexpectedly restart due to the; malformed JAR file.;; Cisco has released software updates that address this vulnerability. Workarounds that address this; vulnerability are not available.

Descripción: Summary:
A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and
Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial
denial of service (DoS) condition due to the AMP process unexpectedly restarting.

The vulnerability is due to improper validation of a Java Archive (JAR) file scanned when AMP is
configured. An attacker could exploit this vulnerability by crafting a JAR file, and attaching
this JAR file to an email that is then sent through the affected device. An exploit could allow
the attacker to cause the Cisco ESA and WSA AMP process to unexpectedly restart due to the
malformed JAR file.

Cisco has released software updates that address this vulnerability. Workarounds that address this
vulnerability are not available.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-6360
BugTraq ID: 93910
http://www.securityfocus.com/bid/93910
http://www.securitytracker.com/id/1037120
http://www.securitytracker.com/id/1037121

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.140022
Categoría:	CISCO
Título:	Cisco Web Security Appliance JAR Advanced Malware Protection DoS Vulnerability (cisco-sa-20161026-esawsa3)
Resumen:	A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and; Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial; denial of service (DoS) condition due to the AMP process unexpectedly restarting.;; The vulnerability is due to improper validation of a Java Archive (JAR) file scanned when AMP is; configured. An attacker could exploit this vulnerability by crafting a JAR file, and attaching; this JAR file to an email that is then sent through the affected device. An exploit could allow; the attacker to cause the Cisco ESA and WSA AMP process to unexpectedly restart due to the; malformed JAR file.;; Cisco has released software updates that address this vulnerability. Workarounds that address this; vulnerability are not available.
Descripción:	Summary: A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. The vulnerability is due to improper validation of a Java Archive (JAR) file scanned when AMP is configured. An attacker could exploit this vulnerability by crafting a JAR file, and attaching this JAR file to an email that is then sent through the affected device. An exploit could allow the attacker to cause the Cisco ESA and WSA AMP process to unexpectedly restart due to the malformed JAR file. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6360 BugTraq ID: 93910 http://www.securityfocus.com/bid/93910 http://www.securitytracker.com/id/1037120 http://www.securitytracker.com/id/1037121
Copyright	Copyright (C) 2016 Greenbone AG