Cisco Security warns of multiple vulnerabilities in Cisco PIX and Cisco ASA
By Jim Duffy on Wed, 06/04/08 - 7:28pm.So much for Cisco's once-announced plans to only release software patches twice a year. New patches seem to be coming out monthly. Today Cisco released updates to fix multiple holes in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. Applause goes out to Cisco for putting safety ahead of scheduling.
Today's security advisory addresses the following vulnerabilities, Cisco says:
- Crafted TCP ACK Packet Vulnerability
- Crafted TLS Packet Vulnerability
- Instant Messenger Inspection Vulnerability
- Vulnerability Scan Denial of Service
- Control-plane Access Control List Vulnerability
The first four vulnerabilities may lead to a denial of service (DoS) condition and the fifth vulnerability may allow an attacker to bypass control-plane access control lists (ACL). Note: These vulnerabilities are independent of each other. A device may be affected by one vulnerability and not affected by another.
- About The Cisco Connection
The Cisco Subnet blog is written by Network World managing editor Jim Duffy Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
Follow Jim Duffy on Twitter
Most Discussed Posts
-
Network World, Inc
The Connected Enterprise