Solved: Identifying the OpenBSD version on a Cisco ASA

Tim_J_RC · ‎03-03-2022

Hi all,

I am looking at identifying the OpenBSD version on my Cisco ASA 5516 running the asa984-39-lfbff-k8.SPA image. If there a way to do this? I tried to open up a TAC Case, but the website is messed up and not letting me do my equipment lookup. We are looking into an ISAKMP vunerabiliy and need to know what version we are running.

Thanks,

Rob Ingram · ‎03-03-2022

@Tim_J_RC searching that CVE here https://tools.cisco.com/security/center/publicationListing.x reveals nothing.

Have you run a scan to confirm your ASA is vulnerable?

What is an isakmp algorithms are you using?

As you are on ASA version, you might want to upgrade to a newer version.

View solution in original post

Rob Ingram · ‎03-03-2022

@Tim_J_RC no idea about the openbsd version, what is the ISAKMP vulnerability? What ASA version are you running?

Tim_J_RC · ‎03-03-2022

Hi Rob, we are looking into CVE-2004-0220 ---isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload

One of our vunerability scanners spit out that finding.

We are running ASA 9.8(4)39

Rob Ingram · ‎03-03-2022

@Tim_J_RC searching that CVE here https://tools.cisco.com/security/center/publicationListing.x reveals nothing.

Have you run a scan to confirm your ASA is vulnerable?

What is an isakmp algorithms are you using?

As you are on ASA version, you might want to upgrade to a newer version.

Tim_J_RC · ‎03-03-2022

This came from our cyber people, so they had scanned it and sent is that. I did get a TAC case opened finally, so hoping they can tell me. Our ASA software is pretty recent, so I prefer not updating blindly without knowing for sure if the software is the issue. going to close this out. thanks.