I have a 3 interface pix 515. The DMZ interface has one old switch attached to it keeping it separate from the rest of my network. If I was to create a vlan for it and attach it to my 6509 instead, so I can use DMZ vlaned ports on other switches throughout my network, are there additional security issues I need to be aware of?
I agree with what the other posters have said but you do need to be careful with vlan hopping / tagging. As you are using a blade system you will have a trunk between your blade chassis switches and the 6500s. A compromised client does not need to have its NIC on a trunk port to compromise your internal network.
Attached is a link to a very useful doc about Vlan security from Cisco.
Overall as the others have said you can mitigate against these problems. One less technical issue is that you must also have very good change procedures in place. Because you are now using the same switches for internal and external traffic a slight mistake in the configuration can cause problems.
Actually, there are ways to mitigate the possible issues that we had brought up in the previous posts.
Broadcast Storms - Use storm control to suppress any excessive broadcasts.
ARP/MAC Spoofing - Configure switchport port security to prevent spoofed MAC addresses.
Vlan Hopping - I believe it only comes into play on trunk ports and hence, this issue is highly unlikely to happen in your setup as the servers' ports are probably access ports.
IMO, you can connect all the servers to the same card in the switch. Take all measures to secure the DMZ vlan from not only causing any disruptions to other vlans but between the devices in the DMZ vlan itself. You might want to consider using private vlans aka PVLANs or protected ports to mitigate the effects of one compromised server on the DMZ vlan from affecting the other one in the same vlan.
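As an added example (not from any poster in this thread), here is a Catalyst IOS configuration that puts the mitigations listed above into one place: storm control and port security on the DMZ server ports, DTP disabled and an unused native VLAN on trunks to blunt VLAN hopping, and an isolated private VLAN so DMZ servers cannot reach each other at layer 2. It assumes the 6509 runs native IOS, that VLAN 100 is the DMZ primary VLAN with VLAN 101 as its isolated secondary, and that the interface numbers, the other allowed VLANs (10, 20) and VLAN 999 are placeholders for your own values.

```cisco
! Added example configuration, not from this thread. Assumptions: native IOS on the
! 6509, VLAN 100 = DMZ primary, VLAN 101 = isolated secondary, VLAN 999 = unused native
! VLAN for trunks, and all interface numbers are placeholders.

! Private VLANs are not propagated by VTP v1/v2, so run transparent mode and repeat
! the VLAN definitions on every switch that carries DMZ ports.
vtp mode transparent
vlan 101
 private-vlan isolated
vlan 100
 private-vlan primary
 private-vlan association 101
vlan 999
 name UNUSED-NATIVE

! Port facing the PIX 515 DMZ interface: the only promiscuous port in the private VLAN.
! Isolated hosts can reach this port and nothing else in VLAN 100/101 at layer 2.
interface GigabitEthernet1/1
 description PIX-515 DMZ interface
 switchport
 switchport mode private-vlan promiscuous
 switchport private-vlan mapping 100 101
 switchport nonegotiate
 spanning-tree portfast
 spanning-tree bpduguard enable

! DMZ server port: isolated private-VLAN host, DTP off, one sticky MAC, storm control.
interface GigabitEthernet2/1
 description DMZ web server
 switchport
 switchport mode private-vlan host
 switchport private-vlan host-association 100 101
 switchport nonegotiate
 switchport port-security
 switchport port-security maximum 1
 switchport port-security violation shutdown
 switchport port-security mac-address sticky
 storm-control broadcast level 1.00
 storm-control multicast level 1.00
 storm-control action shutdown
 spanning-tree portfast
 spanning-tree bpduguard enable

! Trunk to another switch that hosts DMZ ports: explicit allowed list (both the primary
! and secondary VLAN must cross the trunk), unused native VLAN, no DTP.
interface GigabitEthernet3/1
 description trunk to distribution switch
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,20,100,101
 switchport mode trunk
 switchport nonegotiate

! Tag the native VLAN on all trunks so a double-tagged frame is not stripped and
! forwarded into a production VLAN.
vlan dot1q tag native

! Ports shut by port security or storm control recover after 5 minutes instead of
! staying down until someone notices.
errdisable recovery cause psecure-violation
errdisable recovery cause storm-control
errdisable recovery interval 300
```

The promiscuous port is the one spot where the DMZ hosts meet, so the PIX remains the single policy point for server-to-server traffic; if two DMZ hosts genuinely need to talk to each other at layer 2, use a community secondary VLAN for that pair rather than relaxing the isolated VLAN. The `errdisable recovery` lines are a convenience for operations, which matters given the change-control point raised earlier: an automatically recovering port still logs the violation, but it does not hide a misconfiguration behind a permanently dead link.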