Bugtraq mailing list archives

RE: Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability

From: "Murray, Mike" <MMurray () csuchico edu>
Date: Wed, 30 Mar 2016 19:50:48 +0000

unsubscribe

-----Original Message-----
From: nobody () cisco com [mailto:nobody () cisco com] On Behalf Of Cisco Systems
Product Security Incident Response Team
Sent: Wednesday, March 30, 2016 9:18 AM
To: bugtraq () securityfocus com
Cc: psirt () cisco com
Subject: Cisco Security Advisory: Cisco Firepower Malware Block Bypass
Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Firepower Malware Block Bypass Vulnerability

Advisory ID: cisco-sa-20160330-fp

Revision 1.0

For Public Release 2016 March 30 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the malicious file detection and blocking features of
Cisco Firepower System Software could allow an unauthenticated, remote
attacker to bypass malware detection mechanisms on an affected system.

The vulnerability is due to improper input validation of fields in HTTP
headers. An attacker could exploit this vulnerability by sending a crafted
HTTP request to an affected system. A successful exploit could allow the
attacker to bypass malicious file detection or blocking policies that are
configured for the system, which could allow malware to pass through the
system undetected.

Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.

This advisory is available at the following link: 

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s
a-20160330-fp
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVvKwFq89gD3EAJB5AQIjFg/+MHsKskM68q7HIhF7EB6yN3Pjau4/1bPd
9xYd3UJ1bh9jmrObAlwEIL+P40WUKQCO23Z/66opMboXTBSMLrAe1/2xMevx+6f5
Gkl8V1Ew0Ziona0DE3D3vtdPTmnY19KRpUwIMQbYsiKs2SaxoiX04J5Ny21+Uxvz
xskTGEW0kX7HpZ2kWODmBTyLJS1/59SJ4WNt7Sf57FOsIZRg8tk4de27yavaVqbw
eFZRYRYITnW9Ks231NhJJErM64qCis2r9yNxU5tP6BbL/CDJNbcsbqXif2t4pDCZ
YLTm3sIzfLpmz+YCWSNwcc+UBe34ssmV8zRt3O51mruY7cWKycanvrHq+S9xURix
eVoaw+PWZl5kI0RMqQhT9lKR/INXR2Ek93KNPOJXYKuEk8UJA+mVzphUVJR7tifH
+iPK7SEEPASodgE5S2lP4d5iUV6U590eUABcfSmtbCP1a80lHpjXQVmjqIa3gnEm
Byab7fxjDDGfFcnMdndWyJhEULPgIo5BCg6jMCw9SWvK7u+rSqpA/VaVc3UnvU2K
xBTSm2DKd1t09Fo6x1rk+mLOhZ+Ch+7JLCcJxNJe9J0+a4YyuHE99RgV3WmGqOb3
Kx8ojX5yF6KqT+K4pZx2LKwL8rp+r5lZu40EIz0jrFGhKKXftLOADWqMbFwZOxKR
xUMD/t+aY6s=
=sOTL
-----END PGP SIGNATURE-----

Attachment: smime.p7s
Description:

Current thread:

Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Mar 30)
- RE: Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability Murray, Mike (Mar 30)