CVE-2016-6396

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2016-6396 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The original article can be found at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160907-fsss1

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2016-6396

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Cisco Firesight System Software 5.1.0
* Cisco Firesight System Software 5.1.0.1
* Cisco Firesight System Software 5.1.0.2
* Cisco Firesight System Software 5.1.0.3
* Cisco Firesight System Software 5.1.1
* Cisco Firesight System Software 5.1.1.1
* Cisco Firesight System Software 5.1.1.2
* Cisco Firesight System Software 5.1.1.3
* Cisco Firesight System Software 5.1.1.4
* Cisco Firesight System Software 5.1.1.5
* Cisco Firesight System Software 5.1.1.6
* Cisco Firesight System Software 5.1.1.8
* Cisco Firesight System Software 5.1.1.9
* Cisco Firesight System Software 5.1.1.10
* Cisco Firesight System Software 5.1.1.11
* Cisco Firesight System Software 5.2.0
* Cisco Firesight System Software 5.2.0.1
* Cisco Firesight System Software 5.2.0.2
* Cisco Firesight System Software 5.2.0.3
* Cisco Firesight System Software 5.2.0.4
* Cisco Firesight System Software 5.2.0.5
* Cisco Firesight System Software 5.2.0.6
* Cisco Firesight System Software 5.2.0.8
* Cisco Firesight System Software 5.3.0
* Cisco Firesight System Software 5.3.0.1
* Cisco Firesight System Software 5.3.0.2
* Cisco Firesight System Software 5.3.0.3
* Cisco Firesight System Software 5.3.0.4
* Cisco Firesight System Software 5.3.0.5
* Cisco Firesight System Software 5.3.0.6
* Cisco Firesight System Software 5.3.0.7
* Cisco Firesight System Software 5.3.1
* Cisco Firesight System Software 5.3.1.1
* Cisco Firesight System Software 5.3.1.2
* Cisco Firesight System Software 5.3.1.3
* Cisco Firesight System Software 5.3.1.4
* Cisco Firesight System Software 5.3.1.5
* Cisco Firesight System Software 5.3.1.7
* Cisco Firesight System Software. 4.0
* Cisco Firesight System Software 5.4.0.1
* Cisco Firesight System Software 5.4.0.2
* Cisco Firesight System Software 5.4.0.3
* Cisco Firesight System Software 5.4.0.4
* Cisco Firesight System Software 5.4.0.5
* Cisco Firesight System Software 5.4.0.6
* Cisco Firesight System Software 5.4.1
* Cisco Firesight System Software 5.4.1.2
* Cisco Firesight System Software 5.4.1.3
* Cisco Firesight System Software 5.4.1.4
* Cisco Firesight System Software 6.0.0
* Cisco Firesight System Software 6.0.0.1
* Cisco Firesight System Software 6.0.1

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system.
The vulnerability is due to improper input validation of fields in HTTP headers. An attacker could exploit this vulnerability by crafting specific file content on a server or persuading a user to click a specific link. A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected.

CVE Information:
CVE-2016-6396

Disclosure Timeline:
Publish Date : 2016-09-12
Last Update Date : 2016-09-12

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus