Home page logo
/

bugtraq logo Bugtraq mailing list archives

Cisco Security Advisory: Cisco AsyncOS Software Code Execution Vulnerability
From: Cisco Systems Product Security Incident Response Team <psirt () cisco com>
Date: Wed, 19 Mar 2014 12:11:51 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco AsyncOS Software Code Execution Vulnerability

Advisory ID: cisco-sa-20140319-asyncos

Revision 1.0

For Public Release 2014 March 19 16:00  UTC (GMT)

Summary
=======

Cisco AsyncOS Software for Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) contain 
a vulnerability that could allow an authenticated remote attacker to execute arbitrary code with the privileges of the 
root user.

Cisco has released free software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140319-asyncos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTKb4hAAoJEIpI1I6i1Mx35cMP/0ljzKTeBLaUxTB6AKLpxOuF
Y3VMZDN/qb5VTUbZ4aiEbN24xkIgtTJnR9kXG4qOQLRX1goJuNJ2nMaX9pCm2k9v
hxgIAZaKT1HAyQgculAeAUxXvYAUC1kQKXRpBUWDdsu0vtBo4eN+y8OucjIXxOOH
3d3mXWmxyzMQBtD+HTmwLR+J4qqSePJ0WIrm9m11oj5GN2DRAVKWZ/e7il9X4gwh
Ivx6w5MS1l11DhF6l+uXl9J9cRd5QjF0aytUkfnYO/VNr8HWgGObQL/sLkWx6PJ7
s6heSPwDCSfRioHBORbX3b8uncS0A868vE+GH1IEgpLnHeUbDcdvQg1pMHkNEGE4
pxIOueLAifV0/sNQuTYBhvVKz5Hub4Hxy/oRFg+kxrgZmC9acsYDyjDZQjwaImCC
q4MXkm6ZqaEdZsjuTrYloD3jk8kb6gD7wPq9mhOas8hisbg0Ahc0TGWtH4Lg/Mh8
UupyGSHMmjXHGgbyI1PUINy64KiCJ3rqSucbxSDHZyZmVKx1BWG1s2asvFoExZSI
ThPol4FEJDBiQ+YIpxtDUhF/R+nCPSPb+9+QnsnPcyHjYfCbBjDC1Ym38hrRUgnt
PHiaa9THdLd/cCnJmkRV6BzkqZIoTsUJxKfQA9u+KjW8OdlBthet2WaAhTcEqHdU
RpiqMIrhjhVpenDg+sze
=42JL
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • Cisco Security Advisory: Cisco AsyncOS Software Code Execution Vulnerability Cisco Systems Product Security Incident Response Team (Mar 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]