Operating System:

[Cisco]

Published:

05 November 2015

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.2771
          Cisco AsyncOS TCP Flood Denial of Service Vulnerability
                              5 November 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Email Security Appliance
                   Cisco Content Security Management Appliance
                   Cisco Web Security Appliance
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-6321  

Original Bulletin: 
   http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-aos

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability

Advisory ID: cisco-sa-20151104-aos

Revision 1.0

For Public Release 2015 November 4 16:00  UTC (GMT)

+---------------------------------------------------------------------

Summary
=======
A vulnerability in the network stack of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust all available memory, preventing the affected device from accepting new TCP connections.

The vulnerability is due to improper handling of TCP packets sent at a high rate. An attacker could exploit this vulnerability by sending crafted TCP packets to the affected system.

Note: A full device reload is needed to recover the system to an operational state.

Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-aos






- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJWOhO3AAoJEIpI1I6i1Mx35gEP/ApOJvVZ6wEgWYYdBEAfPXwu
tvZeIqc24MN6OunHtGHgVpiRAINAz6uecaupVTFeOcowJERky2xUTkSfItfM6WiO
85wga7OyA5n+JPw/WNDiMGi05DmqYa3Ut/IAQbn5rFxU61rLlgOBOe+YoaDFBwCJ
/d3FLr70/tyqkGTgXCNWUh/Ukb+1k4UMqaJo+rWT1nM93r2ImD0RVJe+NYIb0JhL
acXXbPQMqIgtXszi1Hvq8j22OdBZqPTrfiStvJ3vk2uVQlcsXom4uPhk+RmOQZ6l
3+gmV1tZvA4fXqjM3gnMnMlej51VRR4rRsGNuwr4sp9diHONyTnqFHHCGUA/ehei
l8fARGSsEd2S4PjnQiMmdPtgYaGCpJRMOIunN0fYCjzxqdwPsLeqzhELbTq8HiFy
jTL+RWnaPQUgnfh0LIJ58J6DrzTvWQdHbLtfaJFR4ZSUH9M9xF6oqAJIIb4hxJfv
wT0TOQDqijeRc3sTtQGa3Xwhuk7tds86ZYENf+T4YLpnqHtUDV+cIFC7zussWsp4
K60rCM1ek4/s3Vd+t9Muq1F5iTxhUSkpxB5QwwbC2I5BjLkTQweqX+lpu3RVumht
1is3TvabnA6FkUUSJTJRQ040FE+W1GbXGDuX3ba1gPlHGETifC6UXirLaKJce3lj
RSEUihVYR0uVFt4EtSoh
=VX2W
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVjrhvH6ZAP0PgtI9AQIQ6w//VxkakxWmzQVjAfGlfTK4kjYIJYf3OFPk
gMs58canFTYHDs7VylRg211j3rnBwfM9TlWuLlP7BIVGFK3JmHvSQG0W84fFxIrz
hejGemR9/REv1WA0mZz0GDMv29tZWphrouNqutUGNyJAJkRAnJ2IvtKNH+RqlKeM
UwF6TCh/taHoKJ9EYsWf9jc+7KKEQa1h7QQTh/Pcmd0Dlq2FhKywrAvgxjMIM53u
lTXZsP1hsCCVmX97xe8nV1u/Scmi02WCjlxXidmYM7tIxWU8JXebY+4R2zQkfMEs
SJKeXzFwt3YcIa9P1Mer2TLUh0HoGRjut11N+KatKzPjqzUZ+kVjTbacEezIZbQU
E83YbSDddR8n1Y+W53BQmFragDY1/zLVSSkqL/DzRveLRRiwyFAu8a95XDW1lmvH
c1JNs6jnCv2ltsZ6b79sZQpM7RDrdDLZeM/VEZYSS/qEz+2lav4m9DNBpdnIuiz4
C1f4+JVpcWqEmrQqtRJVKP9VmWeaeB1WMdgY84lVX0Sqy2a0E8jLtUgpmPd5Vqwr
8ftp2tYe3G4DyohwGfBSlK70ErhyTwGhpq8iLe0VYLZIwOC61+6rHLyMShpJ9Dm0
yqWua5njzyW5h2bQlYUlT1l0dlP52TFVmV6dusCmGTDmUPwO8wfBIXZyLS1l+4Ic
+Wux6D4hY9E=
=WBPD
-----END PGP SIGNATURE-----