Cisco Patches Serious Flaws in Security, Wireless Appliances

I put this up as I KNOW a lot of you Tech-Heads run Cisco stuff (probably wireless along with a few Cisco Switches). I wanted to make SURE you all knew about this vulnerability and the immediate need to get these wireless units patched.

Cisco has released software updates to address a series of critical and high severity vulnerabilities affecting some of the company’s security and wireless appliances.

The most serious of the flaws disclosed on Wednesday is a command injection vulnerability (CVE-2015-6298) affecting the certificate generation process in the administration web interface of the Cisco Web Security Appliance (WSA). The vulnerability, caused by improper parameter validation, can be exploited by a remote attacker to execute arbitrary commands with root privileges.

The Cisco Web Security Appliance is also affected by a couple of high severity denial-of-service (DoS) vulnerabilities that can be exploited to cause the device to run out of system memory. One of these security bugs affects the file-range request functionality of Cisco AsyncOS (CVE-2015-6293), while the other impacts the AsyncOS proxy cache functionality (CVE-2015-6292).

Vulnerabilities in AsyncOS components also affect the Cisco Email Security Appliance (ESA). One of these issues, a DoS flaw identified as CVE-2015-6321, can be used by a remote attacker to cause the device to stop accepting new TCP connections. The second issue, first disclosed in June, can be exploited by a remote, unauthenticated attacker to bypass the appliance’s anti-spam functionality.

Read more about it here.

Da Boss!

Website: www.digitalsmind.com Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • Bad Rabbit: Ten things you need to know about the latest ransomware outbreak
    Written by

    Da Boss!

    Bad Rabbit: Ten things you need to know about the latest ransomware outbreak Eh... not as bad as some previous ones we have…
    Read more...
  • Taco Bell rolls out Kit Kat-stuffed quesadilla
    Written by

    Da Boss!

    Taco Bell rolls out Kit Kat-stuffed quesadilla In line now. Sounds scrumptious.
    Read more...
  • Snag-It 2018 - Best Screen Capture Tool - PERIOD!
    Written by

    Da Boss!

    Snag-It 2018 - Best Screen Capture Tool - PERIOD! Well, it's almost here but I was graced by the…
    Read more...
  • Windows 10 Fall Creators Update: Lots of small changes—and maybe the revolution
    Written by

    Da Boss!

    Windows 10 Fall Creators Update: Lots of small changes—and maybe the revolution Hopefully this one will go a little smoother than the…
    Read more...
  • VirtualBox 5.1.30
    Written by

    Da Boss!

    VirtualBox 5.1.30 If you are looking for a VM program\utility that can…
    Read more...

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.