Cisco Patches Serious Flaws in Security, Wireless Appliances

I put this up as I KNOW a lot of you Tech-Heads run Cisco stuff (probably wireless along with a few Cisco Switches). I wanted to make SURE you all knew about this vulnerability and the immediate need to get these wireless units patched.

Cisco has released software updates to address a series of critical and high severity vulnerabilities affecting some of the company’s security and wireless appliances.

The most serious of the flaws disclosed on Wednesday is a command injection vulnerability (CVE-2015-6298) affecting the certificate generation process in the administration web interface of the Cisco Web Security Appliance (WSA). The vulnerability, caused by improper parameter validation, can be exploited by a remote attacker to execute arbitrary commands with root privileges.

The Cisco Web Security Appliance is also affected by a couple of high severity denial-of-service (DoS) vulnerabilities that can be exploited to cause the device to run out of system memory. One of these security bugs affects the file-range request functionality of Cisco AsyncOS (CVE-2015-6293), while the other impacts the AsyncOS proxy cache functionality (CVE-2015-6292).

Vulnerabilities in AsyncOS components also affect the Cisco Email Security Appliance (ESA). One of these issues, a DoS flaw identified as CVE-2015-6321, can be used by a remote attacker to cause the device to stop accepting new TCP connections. The second issue, first disclosed in June, can be exploited by a remote, unauthenticated attacker to bypass the appliance’s anti-spam functionality.

Read more about it here.

Da Boss!

Website: www.digitalsmind.com Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • How to Use Windows 10’s Storage Spaces to Mirror and Combine Drives
    Written by

    Da Boss!

    How to Use Windows 10’s Storage Spaces to Mirror and Combine Drives This is a terrific article for those who are in…
    Read more...
  • 10 hidden iPhone tricks
    Written by

    Da Boss!

    10 hidden iPhone tricks My family uses the iPhone mostly (I'm an Android guy) and…
    Read more...
  • How to Create a Virtual Machine Clone
    Written by

    Da Boss!

    How to Create a Virtual Machine Clone I happen to use a LOT of VM's in my…
    Read more...
  • NTFS bug allows any website to crash Windows 7, 8.1
    Written by

    Da Boss!

    NTFS bug allows any website to crash Windows 7, 8.1 And on the heels of "WannaCry" comes this little jewel.…
    Read more...
  • Google launches animation tool so you can turn boring data into cool GIFs
    Written by

    Da Boss!

    Google launches animation tool so you can turn boring data into cool GIFs Huh...just the idea of being able to turn boring data…
    Read more...

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.