06-25-2010 10:55 AM - edited 03-11-2019 11:03 AM
We have a 5510 failover pair that needs to be upgraded to address some security vulnerabilities. The security advisory can be found here - http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml. Specifically addressing the NTLM vulnerability.
The issue I am trying to sort out is that the NTLM is addressed by 8.2(2.1) and I see 8.2.2.ED available for download. The advisory recommends 8.2(2.4), but i would like to avoid interim releases if possible. So after all that my question is whether or not 8.2(2.1) is the same as 8.2.2.ED that is available on the download site.
Thanks in advance.
Solved! Go to Solution.
06-25-2010 11:10 AM
8.2.2.1 is not the same as 8.2.2ED
You will need to upgrade to atleast 8.2.2.1 interim to get around the NTLM vulnerability. The latest available interim is 8.2.2.16.
06-25-2010 11:10 AM
8.2.2.1 is not the same as 8.2.2ED
You will need to upgrade to atleast 8.2.2.1 interim to get around the NTLM vulnerability. The latest available interim is 8.2.2.16.
06-25-2010 11:37 AM
Thanks for the quick response, that confirmed what i thought.
06-25-2010 12:26 PM
Do you know where I can get the interim release code, such as ASA8.0.5.2 or 8
.0.5.7? Thanks.
06-25-2010 01:10 PM
Hi,
- For interim releases not available on CCO you need to contact Cisco TAC to publish it for you.
- Some interims can be found under here-
http://www.cisco.com/pcgi-bin/tablebuild.pl/ASAPSIRT
Note that this requires a CCO ID with software download privileges.
and
http://www.cisco.com/cgi-bin/tablebuild.pl/asa-interim
Note- 8.0.5.2 and 8.0.5.7 interim images were not released.
Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: