Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability
Advisory ID: cisco-sa-20160518-wsa2
For Public Release 2016 May 18 16:00 UTC (GMT)
A vulnerability in the cached file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance due to the appliance running out of system memory.
The vulnerability is due to a failure to free memory when a file range for cached content is requested through the WSA. An attacker could exploit this vulnerability by opening multiple connections that request file ranges through the affected device. A successful exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed.
Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is also available.
This advisory is available at the following link:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)
-----END PGP SIGNATURE-----