Skip Links

Network World

Jim Duffy

Cisco warns of ASA, PIX vulnerabilities; acknowledges DoS vulnerablities in TCP

By Cisco Subnet on Wed, 10/22/08 - 2:43pm.
Newsletter Signup

Cisco is warning of multiple security holes in its ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. It also issued a security response that acknowledges multiple vulnerabilities involving the  manipulation of TCP state table information. The ASA and PIX vulnerabilities include Windows NT domain authentication bypass, IPv6 denial-of-service (DoS), and crypto accelerator memory leak, according to Cisco's latest security advisory. The comany says the vulnerabilities are independent of each other. Software updates and workarounds are available at Cisco's Web site.

Cisco on Friday issued a security response that acknowledges the multiple DoS vulnerabilities involving the manipulation of TCP state table information. The vulnerabilities were presented by Robert E. Lee and Jack Louis of Outpost24, according to Cisco in the security response. Cisco says the TCP vulnerabilities reported by Outpost24 are an extension of well-known weaknesses in the protocol and that an attacker must complete a TCP three-way handshake to a device to successfully exploit the DoS vulnerabilities. The company says it is possible to mitigate the risk of these vulnerabilities by allowing only trusted sources to access TCP-based services. More info at Cisco's Web site.

More Cisco Security Responses

More Cisco Security Alerts

More from Cisco Subnet:
Cisco refreshes CCIE security lab exam
Cisco Attendant Console end-of-sale announcement
Vegas casino networked slot machines with Cisco Ethernet
Cisco training intitiative aims to develop CCIE talent in India
* Cisco channel partners can now shave up to 61% off talent recruiting costs
* Catching USB data thieves
Insider’s view on how to decide what Cisco code versions to run
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.

Welcome, visitor. Register Log in
About Cisco Subnet Blog

The Cisco Subnet blog is written by Network World managing editor Jim Duffy and is the official blog of Network World's Cisco Subnet community. The Cisco Subnet site is managed by Online Community Editor Julie Bort. Cisco Subnet is the independent voice of Cisco customers and is your gateway to daily Cisco news, blogs, opinion, books, prize giveaways and more. Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.