PROBLEM:
Cisco IronPort Web / Email Security Appliance Sophos Anti-Virus Multiple Vulnerabilities
PLATFORM:
Cisco IronPort Email Security Appliances (C-Series and X-Series) running Sophos Engine versions 3.2.07.352_4.80 and prior.
Cisco IronPort Web Security Appliances (S-Series) running Sophos Engine versions 3.2.07.352_4.80 and prior.
ABSTRACT:
Cisco Ironport Appliances Sophos Anti-Virus Vulnerabilities.
REFERENCE LINKS:
Cisco Security Advisory ID: cisco-sa-20121108-sophos
Secunia Advisory SA51197
IMPACT ASSESSMENT:
High
DISCUSSION:
Cisco has acknowledged some vulnerabilities in Cisco IronPort Web Security Appliance and Cisco IronPort Email Security Appliance, which can be exploited by malicious people to compromise a vulnerable device.
The vulnerabilities are caused due to a bundled vulnerable version of Sophos Engine.
IMPACT:
Successful exploitation of these vulnerabilities may cause the Sophos Anti-Virus engine to crash. A remote, unauthenticated attacker may be able to gain control of the system, escalate privileges, or cause a denial-of-service condition.
SOLUTION:
No official solution is currently available.