Cisco Cisco Email Security Appliance C170 릴리즈 노트

The following is a list of resolved issues in the Cisco IronPort AsyncOS 7.6.2 for Email release.

Log Injection Vulnerability. This version of AsyncOS fixes a log injection vulnerability, where 
invalid entries could be added to the appliance’s logs.

Damage Caused by Reboot Without Proper Shutdown. Previously, rebooting the appliance 
without proper shutdown sometimes caused irreparable damage to the appliance. 

Delivery Status Details Report Shows Error Message. Fixed an issue where the Delivery Status 
Details report page for an IPv4 or IPv6 destination would show a “cannot concatenate 'str' and 'IPv6' 
(or IPv4) objects” error message.

Appliance Does Not Retry DNS Query. Fixed an issue where the appliance would not retry a DNS 
query when it doesn’t get a response when the appliance is configured to use root DNS or only 
multiple local DNS servers with the same priority level. A timeout has been added to allow the 
appliance to retry a DNS query if it does not receive a response.

Packet Capture Doesn’t Capture Traffic On VLAN Interface When Filter is Used. Fixed an 
issue where Packet Capture didn’t capture traffic on a VLAN interface when a custom filter was 
used.

User Connects to Wrong Interface When Using telnet and the hostname. Previously, if the user 
did not specify a network interface for telnet connections, attempting to telnet into the appliance 
using the hostname would result in the user connecting to the wrong network interface. This issue 
has been resolved. Now, using telnet and the appliance’s hostname results in connecting to the 
appliance’s default network interface.

DNS Queries Fail Because of AAAA Record Request. Previously, the Email Security appliance 
would request AAAA records from an MX even if the dnshostpref and destconfig DNS preference 
require only IPv4 connections. If the MX returns a valid A record, but not an AAAA record, the mail 
delivery would fail. This issue has been resolved. Now, appliance only requests A records for IPv4 
connections. 

CPU Usage May Unexpectedly Run at Maximum Capacity. Previously, in rare circumstances, 
SNMP could drive CPU usage to %100. This problem no longer occurs.

A vulnerability in the Cisco IronPort Email Security appliance that could have 
allowed an authenticated, remote attacker to execute arbitrary commands on the 
underlying operating system with elevated privileges.

For more information on the vulnerability, see the Cisco security advisory at 

.

A vulnerability in the Cisco IronPort Email Security appliance that could have 
allowed an unauthenticated, remote attacker to cause multiple critical processes to 
become unresponsive, resulting in a denial of service condition. 

For more information on the vulnerability, see the Cisco security advisory at 

.