You are here

V-021: Cisco IronPort Web / Email Security Appliance Sophos Anti-Virus Multiple Vulnerabilities

November 12, 2012 - 6:00am

Addthis

PROBLEM:

Cisco IronPort Web / Email Security Appliance Sophos Anti-Virus Multiple Vulnerabilities

PLATFORM:

Cisco IronPort Email Security Appliances (C-Series and X-Series) running Sophos Engine versions 3.2.07.352_4.80 and prior.
Cisco IronPort Web Security Appliances (S-Series) running Sophos Engine versions 3.2.07.352_4.80 and prior.

ABSTRACT:

Cisco Ironport Appliances Sophos Anti-Virus Vulnerabilities.

REFERENCE LINKS:

Cisco Security Advisory ID: cisco-sa-20121108-sophos
Secunia Advisory SA51197

IMPACT ASSESSMENT:

High

DISCUSSION:

Cisco has acknowledged some vulnerabilities in Cisco IronPort Web Security Appliance and Cisco IronPort Email Security Appliance, which can be exploited by malicious people to compromise a vulnerable device.

The vulnerabilities are caused due to a bundled vulnerable version of Sophos Engine.

IMPACT:

Successful exploitation of these vulnerabilities may cause the Sophos Anti-Virus engine to crash. A remote, unauthenticated attacker may be able to gain control of the system, escalate privileges, or cause a denial-of-service condition.

SOLUTION:

No official solution is currently available.

Addthis