[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [FD] ESA-2017-115: EMC AppSync Host Plug-in Denial of Service Vulnerability
From: EMC Product Security Response Center <Security_Alert () emc ! com>
Date: 2017-09-26 18:51:39
Message-ID: 1BF8853173D9704A93EF882F85952A892F9105 () MX304CL04 ! corp ! emc ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
ESA-2017-115: EMC AppSync Host Plug-in Denial of Service Vulnerability
EMC Identifier: ESA-2017-115
CVE Identifier: CVE-2017-8018
Severity Rating: CVSS v3 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected products:
EMC AppSync host plug-in versions 3.5 and below (Windows platform only)
Summary:
EMC AppSync host plug-in on Windows platform includes a denial of service (DoS) vulnerability \
that could potentially be exploited by malicious users to compromise the affected system.
Details:
EMC AppSync Host Plug-in (AppSync agent) on Windows platforms may be vulnerable when processing \
a large amount of network packets. An unauthenticated remote attacker can send specifically \
crafted packets to the vulnerable service (port 10004) and cause denial of service situation.
Resolution:
* Upgrade to EMC AppSync Host Plug-in version 3.1 followed by deploying Host Plug-in patch \
version 3.1.0.3 on top of 3.1
* Upgrade to EMC AppSync Host Plug-in version 3.5 followed by deploying with AppSync security \
update for Windows Host Plug-in Denial of Service Vulnerability Hot Fix at location on top of \
3.5 EMC recommends all customers upgrade at the earliest opportunity.
Customers are advised to follow security best practices and block all traffic to AppSync agents \
by default and explicitly allow only specific traffic from known AppSync servers. This strategy \
provides good control over the traffic and helps minimize the attack surface. See EMC AppSync \
Security Configuration Guide for more information.
Link to remedies:
Customers can download software from https://support.emc.com/downloads/25364_AppSync
Credits:
EMC would like to thank Fortinet's FortiGuard Labs for reporting this vulnerability.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJZypKRAAoJEHbcu+fsE81ZR4MIAIHWM1fI80GG4W5YdHzJ8IaB
2xsgNOV6VeXkBgS+1HhEpolV4kKUP02qExULO0qTTqf/5pEdefnNrYZkh6PdS8s6
WFle4+srPgcxZr0WFDEZRzDpc0TyczaL6lR6a9x6a6uU4Lrit/ZwUdEduQEt3nM1
IFd7f5FBvyNt5cY77pJellKi7XPwpaWKy2NWl1+lKqabc1tSHNkyGqyqIUJ58hbG
zyEVsJ1jEtEb0YEB7TKj1ICzayGeuIqq01zi5SzOTaPP7LCPYSzK2fzaSyzL6VwY
IwlUvFkJCkJXMwA34GYInr19f3psvZL7r9hiRspijs3A5VPk5EGHT/1SOcKduzo=
=LLed
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic