1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cisco patches high severity flaws in its Web Security Appliance

Discussion in 'Network World' started by RSS, May 19, 2016.

  1. RSS

    RSS New Member Member

    Cisco Systems has fixed four denial-of-service vulnerabilities that attackers could exploit to cause Web Security Appliance devices to stop processing traffic correctly.

    The Cisco Web Security Appliance (WSA) is a line of security devices that inspect Web traffic going in and out of an organization in order to detect malware, prevent data leaks, and enforce Internet access policies for users and applications. The devices run an operating system called Cisco AsyncOS.

    One of the four DoS vulnerabilities fixed Wednesday by Cisco stems from how the OS handles a specific HTTP response code. An attacker could send a specifically crafted HTTP request in order to consume the entire memory of an affected device.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page