04-02-2010 11:22 AM - edited 02-21-2020 03:55 AM
Can anyone confirm whether the ASA 8.0.3 image is affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections?
Solved! Go to Solution.
04-02-2010 03:20 PM
DOS to VPN on ASA is not affected on version 8.0.3:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml
However, you might be affected by the following vulnerabilities:
http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
04-02-2010 03:20 PM
DOS to VPN on ASA is not affected on version 8.0.3:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml
However, you might be affected by the following vulnerabilities:
http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
04-06-2010 07:39 AM
Halijenn, thank you for confirming that 8.0.3 is not affected by the TCP DOS vulnerability.
I also looked at the other vulnerabilities listed in the other link. We're currently using 8.0.3(19), so it looks like we're only concerned with SIP inspections which we do not have implemented. Again, thank you for the heads up for providing the link.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide