04-02-2010 11:22 AM - edited 02-21-2020 03:55 AM
Can anyone confirm whether the ASA 8.0.3 image is affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections?
Solved! Go to Solution.
04-02-2010 03:20 PM
DOS to VPN on ASA is not affected on version 8.0.3:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml
However, you might be affected by the following vulnerabilities:
http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
04-02-2010 03:20 PM
DOS to VPN on ASA is not affected on version 8.0.3:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml
However, you might be affected by the following vulnerabilities:
http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
04-06-2010 07:39 AM
Halijenn, thank you for confirming that 8.0.3 is not affected by the TCP DOS vulnerability.
I also looked at the other vulnerabilities listed in the other link. We're currently using 8.0.3(19), so it looks like we're only concerned with SIP inspections which we do not have implemented. Again, thank you for the heads up for providing the link.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: