CVE-2020-3132 – Cisco Email Security Appliance Shortened URL Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3132
A vulnerability in the email message scanning feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a temporary denial of service (DoS) condition on an affected device. The vulnerability is due to inadequate parsing mechanisms for specific email body components. An attacker could exploit this vulnerability by sending a malicious email containing a high number of shortened URLs through an affected device. A successful exploit could allow the attacker to consume processing resources, causing a DoS condition on an affected device. To successfully exploit this vulnerability, certain conditions beyond the control of the attacker must occur. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-shrt-dos-wM54R8qA • CWE-400: Uncontrolled Resource Consumption •
CVE-2020-3134 – Cisco Email Security Appliance Zip Decompression Engine Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3134
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of zip files. An attacker could exploit this vulnerability by sending an email message with a crafted zip-compressed attachment. A successful exploit could trigger a restart of the content-scanning process, causing a temporary DoS condition. This vulnerability affects Cisco AsyncOS Software for Cisco ESA releases earlier than 13.0. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-87mBkc8n • CWE-20: Improper Input Validation •
CVE-2019-15971 – Cisco Email Security Appliance MP3 Content Filter Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-15971
A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 file types. An attacker could exploit this vulnerability by sending a crafted MP3 file through the targeted device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email. Una vulnerabilidad en el motor de detección de MP3 del Software Cisco AsyncOS para Cisco Email Security Appliance (ESA), podría permitir a un atacante remoto no autenticado omitir los filtros de contenido configurados en el dispositivo. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-esa-mp3-bypass • CWE-20: Improper Input Validation CWE-345: Insufficient Verification of Data Authenticity •
CVE-2019-15988 – Cisco Email Security Appliance URL Filtering Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-15988
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An attacker could exploit this vulnerability by crafting the URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for the affected device, which could allow malicious URLs to pass through the device. Una vulnerabilidad en los mecanismos de protección antispam del Software Cisco AsyncOS para Cisco Email Security Appliance (ESA), podría permitir a un atacante remoto no autenticado omitir los filtros de reputación de URL en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-esa-url-bypass • CWE-20: Improper Input Validation •
CVE-2019-15961 – Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability
https://notcve.org/view.php?id=CVE-2019-15961
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. Una vulnerabilidad en el módulo de análisis de correo electrónico de Clam AntiVirus (ClamAV) Software versiones 0.102.0, 0.101.4 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. • https://bugzilla.clamav.net/show_bug.cgi?id=12380 https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010 https://security.gentoo.org/glsa/202003-46 https://usn.ubuntu.com/4230-2 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •