Solved: ASA 8.0.3 Vulnerable to TCP DOS Attacks?

stanleylam7_2 · ‎04-02-2010

Can anyone confirm whether the ASA 8.0.3 image is affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections?

Jennifer Halim · ‎04-02-2010

DOS to VPN on ASA is not affected on version 8.0.3:

http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml

However, you might be affected by the following vulnerabilities:

http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml

View solution in original post

Jennifer Halim · ‎04-02-2010

DOS to VPN on ASA is not affected on version 8.0.3:

http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml

However, you might be affected by the following vulnerabilities:

http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml

stanleylam7_2 · ‎04-06-2010

Halijenn, thank you for confirming that 8.0.3 is not affected by the TCP DOS vulnerability.

I also looked at the other vulnerabilities listed in the other link. We're currently using 8.0.3(19), so it looks like we're only concerned with SIP inspections which we do not have implemented. Again, thank you for the heads up for providing the link.