Cisco applies plaster to email, Web security appliances

Patch where you can, restrict where you can’t
Richard Chirgwin
Cisco email and Web security appliance customers have some patching to do to paper over newly revealed denial-of-service and other cracks.
The Borg has issued two advisories for Web security appliances, one covering a DoS bug and the other addressing a problem with DNS resolution.
In the DNS issue, a remote attacker can hose the appliance by sending high-rate TCP proxy traffic, crashing DNS name resolution in the device. Users get a 503 ┬ôservice unavailable┬ö error (meaning they can’t get past the appliance to the internet).
To read the entire article, please click here.


Leave A Comment