Packet floods can bork Borg's security kit

DoS vector for e-mail, content and Web appliances

Cisco has announced a patch for a high-severity bug in the AsyncOS that runs a bunch of its security appliances.

The operating system underneath its Email Security Appliance (ESA), Content Security Management Appliance (SMA) and Web Security Appliance (WSA) can be hosed by sending them crafted TCP packets at a high enough rate, the company says.

The vulnerability "could allow an unauthenticated, remote attacker to exhaust all available memory", the company says. "An attacker could exploit this vulnerability by sending crafted TCP packets to the affected system."

Its advisory states that a successful attack stops the device accepting new connections until a full device reload is executed.

AsyncOS ESA versions prior to 8.0.2 are affected, along with various iterations of versions 8.5, 9.0, and 9.5 through 9.7. SMAs running versions older than or including 8.1, 8.3, 8.4, 9.0, 9.1, 9.1.1 and 9.5 are affected, along with WSAs running version 7.7 or older and 8.0.

Cisco has patches for all affected systems. ®

Sponsored: The Joy and Pain of Buying IT - Have Your Say


Biting the hand that feeds IT © 1998–2017