Security authorities announced total 2 items of high severity vulnerabilities from cisco products today. IT Guy must stay alert!

1. Cisco Web Security Appliance Web Proxy Memory Exhaustion Denial of Service Vulnerability

Cisco AsyncOS Operating System started with a FreeBSD kernel and made three major changes to create the Cisco Email Security appliance.

One of the possibility:

A design limitation on FreeBSD is that When network packets making up a TCP segment are received out-of-sequence, these packets are held in a reassembly queue on the destination system so that they can be re-ordered and re-assembled. By sending a large number of out-of-sequence TCP packets, an unauthenticated, remote attacker could exhaust all memory buffers (mbufs) on the destination system resulting in a denial-of-service condition.

Offical announcement shown as below:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos

2. Unified Communications Manager IM & Presence Service Denial-of-Service Vulnerability. Offical announcement shown as below:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-ucmimps-dos