Cisco Content Security Management Appliance 9.1.0 Denial of Service Overflow Vulnerability
19 Dec. 2016
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.
A vulnerability in the local File Transfer Protocol (FTP) service on the Cisco AsyncOS for Email Security Appliance (ESA), Web Security Appliance (WSA), and Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability is due to a lack of throttling of FTP connections. An attacker could exploit this vulnerability by sending a flood of FTP traffic to the local FTP service on the targeted device. An exploit could allow the attacker to cause a DoS condition.
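Because the root cause is missing throttling on FTP connections, a monitoring check can flag sources that open FTP connections faster than a set rate. The following is an added example, not code from Cisco or from the original advisory; the key=value record format, the function names, and the thresholds (20 connections per 10 seconds) are assumptions for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def make_sample():
    """Constructed connection records (generic key=value format, not AsyncOS output)."""
    base = datetime(2016, 12, 19, 10, 0, 0)
    lines = []
    for i in range(40):  # one source: 40 new FTP connections in under 4 seconds
        ts = base + timedelta(milliseconds=100 * i)
        lines.append(f"{ts.isoformat()} src=198.51.100.7 dport=21 event=new")
    for i in range(5):   # ordinary FTP client: one connection per minute
        ts = base + timedelta(minutes=i)
        lines.append(f"{ts.isoformat()} src=192.0.2.10 dport=21 event=new")
    for i in range(40):  # busy source on another port: out of scope
        ts = base + timedelta(milliseconds=100 * i)
        lines.append(f"{ts.isoformat()} src=203.0.113.5 dport=25 event=new")
    lines.append("truncated record without fields")
    return lines

def find_ftp_floods(lines, window_s=10, max_conns=20, ftp_port=21):
    """Return {src: peak count} for sources that opened more than max_conns
    new FTP connections inside any window_s-second sliding window.
    Thresholds are assumed values; records per source must be in time order."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)   # src -> timestamps still inside the window
    peaks = {}
    for line in lines:
        parts = line.split()
        try:
            ts = datetime.fromisoformat(parts[0])
            fields = dict(p.split("=", 1) for p in parts[1:])
            src, port = fields["src"], int(fields["dport"])
        except (IndexError, ValueError, KeyError):
            continue              # skip malformed records instead of failing
        if port != ftp_port or fields.get("event") != "new":
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] >= window:   # drop connections older than the window
            q.popleft()
        if len(q) > max_conns:
            peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks

if __name__ == "__main__":
    for src, peak in find_ftp_floods(make_sample()).items():
        print(f"possible FTP flood from {src}: {peak} connections within 10 s")
```

Tune `window_s` and `max_conns` to the normal FTP usage seen on the appliance's management interface before alerting on the result.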