Tim reports that Cisco has released a security advisory for Cisco ASA5500 products, outlining some security vulnerabilities and resolutions.
The issues are:
All issues are resolved by upgrading to an appropriate OS version, outlined in a table in the advisory. If that is not possible, workarounds for many of these issues are also provided.
Most of these are DoS (Denial of Service) conditions; however, the authentication bypass issue is much more serious. If your ASA configuration requires NTLMv1 authentication, read this advisory closely and upgrade to the appropriate OS version as soon as possible! A workaround that's not referenced in the Cisco doc is changing to RADIUS authentication in place of NTLMv1. If an OS update is not easy to schedule in the near future, this might be a better approach in the short term (or even the long term) than using NTLMv1.
Find the advisory here ==> http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml
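To plan the RADIUS workaround you first need to know where NTLMv1 is actually in use. The following is an added example, not part of the original diary or the Cisco advisory: a small audit of a saved ASA running-config that lists every place an NT-domain (`protocol nt`) AAA server group is referenced. The group names, addresses and sample configuration are constructed for illustration.

```python
import re

# Constructed sample running-config (not from the advisory or a real device).
SAMPLE_CONFIG = """\
aaa-server NTGROUP protocol nt
aaa-server NTGROUP (inside) host 192.0.2.10
 nt-auth-domain-controller dc01
aaa-server RADGROUP protocol radius
aaa-server RADGROUP (inside) host 192.0.2.20
 key *****
aaa authentication ssh console RADGROUP LOCAL
tunnel-group VPN-USERS general-attributes
 authentication-server-group NTGROUP
tunnel-group VPN-ADMINS general-attributes
 authentication-server-group RADGROUP LOCAL
"""

GROUP_RE = re.compile(r"^aaa-server\s+(\S+)\s+protocol\s+(\S+)", re.I)

def audit_nt_auth(config_text):
    """Return {nt_group: [(parent_line, referencing_line), ...]}."""
    lines = config_text.splitlines()
    # Pass 1: collect AAA server groups defined with the NT-domain protocol.
    nt_groups = {}
    for line in lines:
        m = GROUP_RE.match(line)
        if m and m.group(2).lower() == "nt":
            nt_groups[m.group(1)] = []
    # Pass 2: find references outside the aaa-server definitions themselves.
    parent = ""
    for line in lines:
        if not line.startswith(" "):
            parent = line.strip()          # top-level command opens a new context
        if parent.startswith("aaa-server "):
            continue                       # group definition or its sub-commands
        tokens = line.split()
        for group in nt_groups:
            if group in tokens:
                nt_groups[group].append((parent, line.strip()))
    return nt_groups

if __name__ == "__main__":
    for group, refs in audit_nt_auth(SAMPLE_CONFIG).items():
        print(f"NT-domain group {group}: {len(refs)} reference(s)")
        for parent, line in refs:
            print(f"  under '{parent}': {line}")
```

Each reference it reports is a place to repoint at a RADIUS server group; an NT group with no references can simply be removed.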
=============== Rob VandenBrink Metafore ===============
Feb 17th 2010