cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1164
Views
0
Helpful
4
Replies

ASA IOS upgrade version question

eric_brown012
Level 1
Level 1

We have a 5510 failover pair that needs to be upgraded to address some security vulnerabilities. The security advisory can be found here - http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml. Specifically addressing the NTLM vulnerability.

The issue I am trying to sort out is that the NTLM is addressed by 8.2(2.1) and I see 8.2.2.ED available for download. The advisory recommends 8.2(2.4), but i would like to avoid interim releases if possible. So after all that my question is whether or not 8.2(2.1) is the same as 8.2.2.ED that is available on the download site.

Thanks in advance.

1 Accepted Solution

Accepted Solutions

kangupta
Cisco Employee
Cisco Employee

8.2.2.1 is not the same as 8.2.2ED

You will need to upgrade to atleast 8.2.2.1 interim to get around the NTLM vulnerability. The latest available interim is 8.2.2.16.

View solution in original post

4 Replies 4

kangupta
Cisco Employee
Cisco Employee

8.2.2.1 is not the same as 8.2.2ED

You will need to upgrade to atleast 8.2.2.1 interim to get around the NTLM vulnerability. The latest available interim is 8.2.2.16.

Thanks for the quick response, that confirmed what i thought.

Do you know where I can get the interim release code, such as ASA8.0.5.2 or 8

.0.5.7? Thanks.

Hi,

- For interim releases not available on CCO you need to contact Cisco  TAC to publish it for you.

- Some interims can be found under here-

http://www.cisco.com/pcgi-bin/tablebuild.pl/ASAPSIRT

Note that this requires a CCO ID with software download privileges.

and

http://www.cisco.com/cgi-bin/tablebuild.pl/asa-interim

Note- 8.0.5.2 and 8.0.5.7 interim images were not released.

Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: