A vulnerability in Cisco Wide Area Application Services (WAAS) software versions 5.1.1 through 5.1.1d, when configured with the SharePoint acceleration feature, could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution. The vulnerability is due to incorrect buffer handling for SharePoint responses. An attacker could exploit this vulnerability by convincing a user to access a malicious SharePoint application. An exploit could allow the attacker to crash the application optimization handler and execute arbitrary code with elevated privileges on the WAAS appliance. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-waas
waas_lab#sh run | include prefetch accelerator http sharepoint-opt prefetch enable
waas_lab#show accelerator http Accelerator Licensed Config State Operational State ----------- -------- ------------ ----------------- http Yes Enabled Running HTTP: Accelerator Config Item Mode Value ----------------------- ---- ------ Suppress Server Encoding Default Disabled [...] Sharepoint Prefetch User Enabled [...]
Major Releases |
Recommended Release |
4.x |
Not affected |
5.0.x | Not affected |
5.1.x | 5.1.1e |
5.2.x | Not affected |
5.3.x | Not affected |
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Revision 1.0 | 2014-May-21 | Initial public release. |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.