SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   Cisco Email Security Appliance Vendors:   Cisco
Cisco Email Security Appliance DMARC Policy Processing Flaw Lets Remote Users Deny Service
SecurityTracker Alert ID:  1032961
SecurityTracker URL:  http://securitytracker.com/id/1032961
CVE Reference:   CVE-2015-4278   (Links to External Site)
Date:  Jul 16 2015
Impact:   Denial of service via network
Vendor Confirmed:  Yes  
Version(s): 8.5.6-106, 9.5.0-201
Description:   A vulnerability was reported in Cisco Email Security Appliance. A remote user can cause partial denial of service conditions on the target system.

A remote user can generate specially crafted Domain-Based Message Authentication, Reporting, and Conformance (DMARC) policy records that, when processed by the target device, will cause the device to stop receiving email messages from domains with the specially crafted DMARC policy records.

The vendor has assigned bug ID CSCuv14806 to this vulnerability.

Impact:   A remote user can cause the target application to stop receiving email messages.
Solution:   No solution was available at the time of this entry.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/viewAlert.x?alertId=39940

Vendor URL:  tools.cisco.com/security/center/viewAlert.x?alertId=39940 (Links to External Site)
Cause:   Input validation error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC