The Latest in IT Security

Cisco Patches Serious DoS Flaws in Email Security Appliance

10
Jan
2019
Cisco Patches Serious DoS Flaws in Email Security Appliance

cisco-datasecurity

One of the flaws, tracked as CVE-2018-15453 and classified as “critical,” has been described as a memory corruption issue caused by improper input validation in emails signed with Secure/Multipurpose Internet Mail Extensions (S/MIME). An attacker can cause appliances to reload and enter a DoS condition by sending a specially crafted S/MIME email.

When the software resumes, it continues processing the same email, resulting in a permanent DoS condition. Manual intervention is required to restore the appliance.

The second DoS vulnerability affecting Cisco’s email security appliances is related to the message filtering feature of AsyncOS software. Tracked as CVE-2018-15460 and rated “high severity,” the flaw allows an attacker to cause a DoS condition by getting CPU usage to increase to 100%.

Read More

Leave a reply


Categories

MONDAY, MARCH 25, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks