Cisco Issues IronPort Patch - Vulnerabilities exposed systems to remote crash and takeover
Cisco has issued a patch for vulnerabilities that exposed its IronPort AsyncOS software for the Cisco e-mail security appliance to cover denial-of-service and command injection problems.
The vulnerability, described here, exposed several IronPort components. Its Web framework would allow and authenticated remote user to execute arbitrary commands with elevated privileges.
“An authenticated but unprivileged attacker could exploit this vulnerability by sending a crafted URL to the affected system, or by convincing a valid user to click on a malicious URL. A successful exploit could allow an attacker with sufficient knowledge to take complete control of the affected device,” Cisco notes.
Cisco also notes that the IronPort spam quarantine and its management GUI are both vulnerable to denial-of-service attacks. The spam quarantine has an improper handling of TCP connection requests at high speed, while the GUI is vulnerable to DoS attacks on HTTP and HTTPS connections.
Cisco has patches available for affected software.
Facebook
Twitter
LinkedIn
Instagram
Call us today on 01283 576162 to talk directly to one of our server specialists
Who we are
Europe's specialist value added distributor of server chassis, server components and server systems.
Server Case is a specialist server chassis distributor based here in the United Kingdom, with an extensive range of 19” rackmount cases built to suit a variety of environments; including remote industrial servers and everything in between. Furthermore, our distribution partnerships have allowed us to develop and deliver Server Barebones and fully configured systems to the vast IT Channel and Enterprise customers.
Latest Blog
MSI Rackmount Servers: A New Contender in Enterprise Solutions
Posted on: 2nd Aug 2024
The landscape of enterprise computing continues to evolve, with companies like MSI, ASUS, and Supermicro offering robust server solutions tailored to various needs. Among the latest contenders in this space are MSI's new rackmount servers, part of their MSI Enterprise Platform Solutions. These servers are designed to meet the demanding requirements of modern enterprises, providing an appealing alt... [...] Read more
Latest Video
View more of our reviews, unboxing and installation videos on YouTube.
Business Links
Site Information