ASA 8.0.3 Vulnerable to TCP DOS Attacks?

Answered Question
Apr 2nd, 2010

Can anyone confirm whether the ASA 8.0.3 image is affected by denial of service (DoS)       vulnerabilities that manipulate the state of Transmission Control  Protocol       (TCP) connections?

I have this problem too.
0 votes
Correct Answer by Jennifer Halim about 6 years 8 months ago

DOS to VPN on ASA is not affected on version 8.0.3:

http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml

However, you might be affected by the following vulnerabilities:

http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
stanleylam7_2 Tue, 04/06/2010 - 07:39

Halijenn, thank you for confirming that 8.0.3 is not affected by the TCP DOS vulnerability.

I also looked at the other vulnerabilities listed in the other link.  We're currently using 8.0.3(19), so it looks like we're only concerned with SIP inspections which we do not have implemented.  Again, thank you for the heads up for providing the link.

Actions

This Discussion