Cisco's Pix firewall has a dangerous vulnerability, according to an advisory released by the company today.
The bug is in the SMTP command filtering feature, known as Mailguard, which is designed to give additional protection to the mail server.
Exploiting the hole would allow an attacker to gain information about email accounts and names. The attacker may also be able to execute arbitrary code on the mail server, if it is not properly secured.
Although there is not a direct workaround for this vulnerability, the company said that the potential for exploitation "can be lessened by ensuring that mail servers are secured without relying on the PIX functionality."
"If that server is already well configured, and has the latest security patches and fixes from the SMTP vendor, that will minimise the potential for exploitation of this vulnerability," the advisory reads.
All users of PIX firewalls with software versions 6.0(1), 5.2(5) and 5.2(4) with access to SMTP Mail services are at risk.
Apparently the glitch is a failure of the command fixup protocol smtp, which is enabled by default on the firewall.
More information can be found here.
Cisco also warned that internet firewalls do not protect against risk factors internal to a firewalled network such as social engineering, rogue internal users or additional external access points to the internal network, such as modem pools or network fax machines. As should, they should not be viewed as the only security measure necessary to ensure network integrity.
Kicking Palantir off of AWS is among their demands, too
Rafaela Vasquez was watching The Voice at the time of the crash, new evidence shows
PUBG price slashed on Steam after selling more than 50 million copies - as daily player numbers plunge
Use the same password for every website? It might be time to change them all