ASA 8.0.3 Vulnerable to TCP DOS Attacks?

Answered Question
Apr 2nd, 2010
User Badges:

Can anyone confirm whether the ASA 8.0.3 image is affected by denial of service (DoS)       vulnerabilities that manipulate the state of Transmission Control  Protocol       (TCP) connections?

Correct Answer by Jennifer Halim about 7 years 3 months ago

DOS to VPN on ASA is not affected on version 8.0.3:

However, you might be affected by the following vulnerabilities:

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
stanleylam7_2 Tue, 04/06/2010 - 07:39
User Badges:

Halijenn, thank you for confirming that 8.0.3 is not affected by the TCP DOS vulnerability.

I also looked at the other vulnerabilities listed in the other link.  We're currently using 8.0.3(19), so it looks like we're only concerned with SIP inspections which we do not have implemented.  Again, thank you for the heads up for providing the link.


This Discussion