01 JUL

Cisco Issues IronPort Patch - Vulnerabilities exposed systems to remote crash and takeover

Published by Richard Parry on 1st Jul 2013

Cisco has issued a patch for vulnerabilities that exposed its IronPort AsyncOS software for the Cisco e-mail security appliance to cover denial-of-service and command injection problems.



The vulnerability, described here, exposed several IronPort components. Its Web framework would allow and authenticated remote user to execute arbitrary commands with elevated privileges.

“An authenticated but unprivileged attacker could exploit this vulnerability by sending a crafted URL to the affected system, or by convincing a valid user to click on a malicious URL. A successful exploit could allow an attacker with sufficient knowledge to take complete control of the affected device,” Cisco notes.

Cisco also notes that the IronPort spam quarantine and its management GUI are both vulnerable to denial-of-service attacks. The spam quarantine has an improper handling of TCP connection requests at high speed, while the GUI is vulnerable to DoS attacks on HTTP and HTTPS connections.

Cisco has patches available for affected software.

Cisco Issues IronPort Patch - Vulnerabilities exposed systems to remote crash and takeover

Would you like to know more about this article and how Server Case can help your organisation? Please complete the form below and one of our team will get back to you right away.

Submit
News by Author
News Archive

Weekly Updates

We update our News every week with new content. Please subscribe to our news feed for information about press, corporate updates and what's happening at Server Case.

Recent Posts

Server Case UK Attains Asus Business Gold Partner Status.
Server Case UK Attains Asus Business Gold Partner Status.
Published by Andrew McLean on 7th Oct 2019
Server Case UK Awarded Intel Platinum Partner
Server Case UK Awarded Intel Platinum Partner
Published by Andrew McLean on 30th Aug 2019
NVIDIA Quadro RTX 4000 Is Here!
NVIDIA Quadro RTX 4000 Is Here!
Published by Andrew McLean on 11th Dec 2018
Server Case UK attains NVIDIA Preferred Partner status.
Server Case UK attains NVIDIA Preferred Partner status.
Published by Andrew McLean on 26th Oct 2018

LinkedIn

Instagram

Call us today on 01283 576162 to talk directly to one of our server specialists

Who we are

Server Case are the UK's server case and components specialists, selling PC cases, server cases, 19" Rackmount cases, Backplane modules, mobile disk racks, externam disk boxes and power supplies. server systems and components with thousands of products available to purchase securely online.

UK's only authorised eCommerce reseller of server chassis to the general public & companies.

Read more

Latest News

Server Case UK Attains Asus Business Gold Partner Status.

Posted on: 7th Oct 2019

We are very proud to announce our appointment as an ASUS Business Gold Partner.We have successfully grown our sales of Asus server & workstation motherboards as well as server barebone and complete solutions with a variety of new customers from new markets.Our longstanding expertise in servers and rack mo... [...] Read more

More news

Latest Tweets

More on Twitter

Latest Video

View more of our reviews, unboxing and installation videos on YouTube.

View more

Business Links

Site Information

  • Secured by Sage Pay
  • PayPal
  • WorldPay
  • Visa
  • Visa Electron
  • Maestro
  • Master Card