So much for Cisco's once-announced plans to only release software patches twice a year. New patches seem to be coming out monthly. Today Cisco released updates to fix multiple holes in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. Applause goes out to Cisco for putting safety ahead of scheduling.
Today's security advisory addresses the following vulnerabilities, Cisco says:
- Crafted TCP ACK Packet Vulnerability
- Crafted TLS Packet Vulnerability
- Instant Messenger Inspection Vulnerability
- Vulnerability Scan Denial of Service
- Control-plane Access Control List Vulnerability
The first four vulnerabilities may lead to a denial of service (DoS) condition and the fifth vulnerability may allow an attacker to bypass control-plane access control lists (ACL). Note: These vulnerabilities are independent of each other. A device may be affected by one vulnerability and not affected by another.
The Cisco Subnet blog is the official blog of the Network World Cisco Subnet community, managed by Editor Linda Leung. Cisco Subnet is the independent voice of Cisco customers and is your gateway to daily Cisco news, blogs, opinion, books, prize giveaways and more. Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
(WAN community)
|
|
