CISCO : Cisco Email Security Appliance MIME Header Bypass Vulnerability

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.140030

Kategorie: CISCO

Titel: Cisco Email Security Appliance MIME Header Bypass Vulnerability

Zusammenfassung: A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail; Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and; Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the; filtering functionality of the targeted device. Emails that should have been quarantined could; instead be processed.;; The vulnerability is due to improper error handling when malformed MIME headers are present in the; email attachment. An attacker could exploit this vulnerability by sending an email with a crafted; attachment encoded with MIME. A successful exploit could allow the attacker to bypass the configured; email message and content filtering.;; Cisco has released software updates that address this vulnerability. Workarounds that address this; vulnerability are not available.

Beschreibung: Summary:
A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail
Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and
Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the
filtering functionality of the targeted device. Emails that should have been quarantined could
instead be processed.

The vulnerability is due to improper error handling when malformed MIME headers are present in the
email attachment. An attacker could exploit this vulnerability by sending an email with a crafted
attachment encoded with MIME. A successful exploit could allow the attacker to bypass the configured
email message and content filtering.

Cisco has released software updates that address this vulnerability. Workarounds that address this
vulnerability are not available.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-6372
BugTraq ID: 93911
http://www.securityfocus.com/bid/93911
http://www.securitytracker.com/id/1037118
http://www.securitytracker.com/id/1037119

Copyright Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.140030
Kategorie:	CISCO
Titel:	Cisco Email Security Appliance MIME Header Bypass Vulnerability
Zusammenfassung:	A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail; Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and; Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the; filtering functionality of the targeted device. Emails that should have been quarantined could; instead be processed.;; The vulnerability is due to improper error handling when malformed MIME headers are present in the; email attachment. An attacker could exploit this vulnerability by sending an email with a crafted; attachment encoded with MIME. A successful exploit could allow the attacker to bypass the configured; email message and content filtering.;; Cisco has released software updates that address this vulnerability. Workarounds that address this; vulnerability are not available.
Beschreibung:	Summary: A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device. Emails that should have been quarantined could instead be processed. The vulnerability is due to improper error handling when malformed MIME headers are present in the email attachment. An attacker could exploit this vulnerability by sending an email with a crafted attachment encoded with MIME. A successful exploit could allow the attacker to bypass the configured email message and content filtering. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6372 BugTraq ID: 93911 http://www.securityfocus.com/bid/93911 http://www.securitytracker.com/id/1037118 http://www.securitytracker.com/id/1037119
Copyright	Copyright (C) 2016 Greenbone AG