ASA IOS upgrade version question

Answered Question
Jun 25th, 2010

We have a 5510 failover pair that needs to be upgraded to address some security vulnerabilities. The security advisory can be found here - http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml. Specifically addressing the NTLM vulnerability.

The issue I am trying to sort out is that the NTLM is addressed by 8.2(2.1) and I see 8.2.2.ED available for download. The advisory recommends 8.2(2.4), but i would like to avoid interim releases if possible. So after all that my question is whether or not 8.2(2.1) is the same as 8.2.2.ED that is available on the download site.

Thanks in advance.

I have this problem too.
0 votes
Correct Answer by kangupta about 6 years 5 months ago

8.2.2.1 is not the same as 8.2.2ED

You will need to upgrade to atleast 8.2.2.1 interim to get around the NTLM vulnerability. The latest available interim is 8.2.2.16.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
kangupta Fri, 06/25/2010 - 11:10

8.2.2.1 is not the same as 8.2.2ED

You will need to upgrade to atleast 8.2.2.1 interim to get around the NTLM vulnerability. The latest available interim is 8.2.2.16.

Joyce Li Fri, 06/25/2010 - 12:26

Do you know where I can get the interim release code, such as ASA8.0.5.2 or 8

.0.5.7? Thanks.

kangupta Fri, 06/25/2010 - 13:10

Hi,

- For interim releases not available on CCO you need to contact Cisco  TAC to publish it for you.

- Some interims can be found under here-

http://www.cisco.com/pcgi-bin/tablebuild.pl/ASAPSIRT

Note that this requires a CCO ID with software download privileges.

and

http://www.cisco.com/cgi-bin/tablebuild.pl/asa-interim

Note- 8.0.5.2 and 8.0.5.7 interim images were not released.

Thanks.

Actions

This Discussion