Cisco removes vulnerabilities in ASA and PIX
Cisco has released updates for its Adaptive Security Appliances (ASA) and PIX Security Appliances to remove several vulnerabilities. If an appliance is configured for IPSec or SSL VPN access, the vulnerabilities allow attackers to bypass authentication when signing into a Windows NT domain.
In addition, specially crafted packets can cause a memory leak in the ASA's Crypto Accelerator which can be exploited to trigger Denial of Service attacks. Apart from SSL VPNs and IPSec, the accelerator is also used by several other services which provide secure connections. Specially crafted IPv6 packets can also cause a vulnerable appliance to reboot. Which version is affected by which vulnerability is explained in the vendor's original security advisory.
- Multiple Vulnerabilities in Cisco PIX and Cisco ASA, Cisco Security Advisory