Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Vulnerability in Cisco ASA

Hi all:

Executing a Vulnerability Assessment in an ASA 5510, it has detected a "SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection". As a recommendation, it suggest to contact the supplier to find any patch. As of now, we couldn't find any patch.

Could you please help us?

IOS ver is Cisco Adaptive Security Appliance Software Version 8.0(3)6
asa803-6-k8.bin

Thanks

Everyone's tags (2)
2 REPLIES

Re: Vulnerability in Cisco ASA

Download the latest ASA code and disable SSH V1 on your ASA.

It should fix it (if there is any issue in the first place)!


Regards

Farrukh

Cisco Employee

Re: Vulnerability in Cisco ASA

This is the one you are talking about: http://www.cisco.com/warp/public/707/cisco-sa-20080604-asa.shtml

fixed in 8.0.3(9) and on.

You can download the code here: http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=268438162

-KS

1709
Views
0
Helpful
2
Replies