Computer Emergency Response Team of Mauritius (CERT-MU)

VN-2017-124


Cisco Email Security Appliance Denial of Service Vulnerability
Severity Rating: High
Systems Affected:
  • Cisco Email Security Appliance versions 9.0, 9.1, 9.5, 9.6, 9.7, 9.8, 9.8.1, 10.0, 11.0
Description
A vulnerability has been identified in Cisco Email Security Appliance that remote attackers can exploit to cause a denial of service condition. The vulnerability exists in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance and is caused by improper input validation of email attachments that contain corrupted fields. A remote attacker can exploit it by sending an email message with an attachment that contains corrupted fields through a targeted device. When the affected software filters the attachment, the system could run out of memory, causing the filtering process to crash and restart, which results in a denial of service condition. After the filtering process restarts, the software resumes filtering the same attachment, causing the filtering process to crash and restart again. Successful exploitation of the vulnerability could allow the attacker to cause a repeated denial of service condition.
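One way to spot the crash-and-restart loop described above in filter logs, as an added example that is not part of the advisory or of Cisco's software. The log format, event names and message IDs are constructed for illustration and are not real AsyncOS output.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in a hypothetical log format (not AsyncOS output).
SAMPLE_LOG = """\
2017-11-02T10:00:00 filter start mid=1000
2017-11-02T10:00:03 filter restart reason=out_of_memory
2017-11-02T10:00:06 filter start mid=1000
2017-11-02T10:00:07 filter done mid=1000
2017-11-02T10:01:00 filter start mid=1002
2017-11-02T10:01:04 filter restart reason=out_of_memory
2017-11-02T10:01:07 filter start mid=1002
2017-11-02T10:01:11 filter restart reason=out_of_memory
2017-11-02T10:01:14 filter start mid=1002
2017-11-02T10:01:18 filter restart reason=out_of_memory
"""

LINE = re.compile(r"^(\S+) filter (start|done|restart)(?: mid=(\d+))?")

def find_crash_loops(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return {message_id: crash_count} for messages that were in flight
    during at least `threshold` filter restarts inside one `window`."""
    in_flight = None                  # message being filtered right now
    crashes = defaultdict(list)       # message id -> restart timestamps
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, event, mid = datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)
        if event == "start":
            in_flight = mid
        elif event == "done":
            in_flight = None
        elif in_flight is not None:   # restart while a message was in flight
            crashes[in_flight].append(ts)
            in_flight = None
    flagged = {}
    for mid, times in crashes.items():
        lo = best = 0
        for hi, t in enumerate(times):    # sliding window over sorted times
            while t - times[lo] > window:
                lo += 1
            best = max(best, hi - lo + 1)
        if best >= threshold:
            flagged[mid] = best
    return flagged

if __name__ == "__main__":
    print(find_crash_loops(SAMPLE_LOG))
```

A single restart followed by a successful retry (message 1000 in the sample) stays below the threshold, while a message that is in flight at every restart (1002) is reported.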
 
Solution
Users are advised to apply updates.
More information is available on:
 
Vendor Information
Cisco
CVE Information
References
Cisco Security Bulletin
Security Tracker
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis