Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance (SMA) devices; and before 7.7.0-725 and 8.x before 8.0.8-113 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug IDs CSCus79774, CSCus79777, and CSCzv95795.

According to its self-reported version, the Cisco Web Security Appliance (WSA) running on the remote host is affected by the following vulnerabilities :

  - A denial of service vulnerability exists due to a     failure to free memory objects when retrieving data from     the proxy server to terminate a TCP connection. An     unauthenticated, remote attacker can exploit this, by     opening a large number of proxy connections, to cause     exhaustion of memory, resulting in the WSA to stop     passing traffic. (CVE-2015-6292)

  - A denial of service vulnerability exists due to a     failure to free memory when a file range is requested.
    An unauthenticated, remote attacker can exploit this, by     opening multiple connections that request file ranges,     to cause exhaustion of memory, resulting in the WSA to     stop passing traffic. (CVE-2015-6293)

  - A flaw exists in the certificate generation process due     to improper validation of parameters passed to the     affected scripts of the web interface. An authenticated,     remote attacker can exploit this, via crafted arguments     to the parameters, to execute arbitrary commands on the     system with root level privileges. (CVE-2015-6298)

  - A denial of service vulnerability exists due to improper     handling of TCP packets sent at a high rate. An     unauthenticated, remote attacker can exploit this to     exhaust all available memory, preventing any more     TCP connections from being accepted. (CVE-2015-6321)

According to its self-reported version, the Cisco Content Security Management Appliance (SMA) running on the remote host is affected by a denial of service vulnerability in the network stack of Cisco AsynOS due to improper handling of TCP packets sent at a high rate. An unauthenticated, remote attacker can exploit this to exhaust all available memory, preventing any more TCP connections from being accepted.

According to its self-reported version, the Cisco AsyncOS running on the remote Cisco Email Security (ESA) appliance is affected by the following vulnerabilities :

  - An anti-spam bypass vulnerability exists in the anti-spam     scanner due to improper handling of malformed packets. An     unauthenticated, remote attacker can exploit this, via     a crafted DNS Sender Policy Framework (SPF) record, to     bypass the scanner. (CVE-2015-4184)

  - A denial of service vulnerability exists in the email     filtering feature due to improper input validation of     email attachment fields. An unauthenticated, remote     attacker can exploit this, via a crafted email with an     attachment, to cause memory to be consumed at a high     rate, resulting in the filtering process being restarted     over again. (CVE-2015-6291)

  - A denial of service vulnerability exists due to improper     handling of TCP packets sent at a high rate. An     unauthenticated, remote attacker can exploit this to     exhaust all available memory, preventing any more     TCP connections from being accepted. (CVE-2015-6321)

ID	Name	Product	Family	Severity
86916	Cisco Web Security Appliance Multiple Vulnerabilities	Nessus	CISCO	critical
86915	Cisco Content Security Management Appliance TCP Flood DoS (CSCus79777)	Nessus	CISCO	high
86914	Cisco Email Security Appliance Multiple Vulnerabilities	Nessus	CISCO	high

Detections

Analytics

CVE-2015-6321

high

Tenable Plugins

critical

high

high