Cisco ASA vulterablities
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike
A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.
The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.
-
Thanks - I have one customer with one of these.. might be time to change to a ERL
-
@Dashrender said:
Thanks - I have one customer with one of these.. might be time to change to a ERL
It's an easy upgrade Just upgrade to the ASA version not affected.
-
@Jason said:
@Dashrender said:
Thanks - I have one customer with one of these.. might be time to change to a ERL
It's an easy upgrade Just upgrade to the ASA version not affected.
Assuming said customer is paying the
contortionistextortionist pricing for software updates.
