CVE-2016-6439

Name of the Vulnerable Software and Affected Versions Cisco Firepower System Software versions prior to 6.0.1

Description A denial of service condition can occur due to improper handling of an HTTP packet stream, allowing an unauthenticated, remote attacker to cause the Snort process to restart unexpectedly. This can be exploited by sending a crafted HTTP packet stream to the detection engine, potentially bypassing traffic inspection or dropping traffic.

Recommendations For versions prior to 6.0.1, update to version 6.0.1 or later to resolve the issue. As a temporary workaround, consider implementing measures to restrict or monitor HTTP packet streams to the detection engine to minimize the risk of exploitation.