https://community.cisco.com/t5/network-security/cisco-asa-vulnerability/m-p/2037964#M419637 <P>We might be affected by "Cisco ASA UDP Inspection Engine Denial of Service Vulnerability - CSCtq10441" per</P><P><A class="jive-link-external-small" href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa#software" target="_blank">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa#software</A></P><P></P><P>So we want to move to a release in 8.2 code series which has the fix for the above vulnerability. Per above list, fix should be in 8.2(5.5) code, however, I am not able to see this or any later code on cisco website. I see "Release 8.2.5.ED" on cisco site. Is 8.2(5.5) not available for download now, or is 8.2.5.ED is the one which has the fix? I don't see CSCtq10441 mentioned anywhere in the release notes for 8.2.5.ED</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html" target="_blank">http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html</A></P><P></P><P>We dont want to move to 8.3 onwards as there are lots of bugs in it.</P><P></P><P>Thanks,</P><P>Kashish</P> Tue, 12 Mar 2019 00:00:47 GMT Kashish_Patel 2019-03-12T00:00:47Z https://community.cisco.com/t5/network-security/cisco-asa-vulnerability/m-p/2037964#M419637 <P>We might be affected by "Cisco ASA UDP Inspection Engine Denial of Service Vulnerability - CSCtq10441" per</P><P><A class="jive-link-external-small" href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa#software" target="_blank">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa#software</A></P><P></P><P>So we want to move to a release in 8.2 code series which has the fix for the above vulnerability. Per above list, fix should be in 8.2(5.5) code, however, I am not able to see this or any later code on cisco website. I see "Release 8.2.5.ED" on cisco site. Is 8.2(5.5) not available for download now, or is 8.2.5.ED is the one which has the fix? I don't see CSCtq10441 mentioned anywhere in the release notes for 8.2.5.ED</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html" target="_blank">http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html</A></P><P></P><P>We dont want to move to 8.3 onwards as there are lots of bugs in it.</P><P></P><P>Thanks,</P><P>Kashish</P> Tue, 12 Mar 2019 00:00:47 GMT https://community.cisco.com/t5/network-security/cisco-asa-vulnerability/m-p/2037964#M419637 Kashish_Patel 2019-03-12T00:00:47Z https://community.cisco.com/t5/network-security/cisco-asa-vulnerability/m-p/2037965#M419639 <HTML><HEAD></HEAD><BODY><P>Hi Kanish,</P><P></P><P>Please use the latest 8.2.5 available on the website, it should be the most stable release.</P><P></P><P>Thanks.</P><P></P><P>Portu.</P><P></P><P>Please rate any helpful posts. <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/happy.gif"></SPAN></P></BODY></HTML> Fri, 28 Sep 2012 05:14:35 GMT https://community.cisco.com/t5/network-security/cisco-asa-vulnerability/m-p/2037965#M419639 Javier Portuguez 2012-09-28T05:14:35Z https://community.cisco.com/t5/network-security/cisco-asa-vulnerability/m-p/2037966#M419641 <HTML><HEAD></HEAD><BODY><P>Thanks for the reply, Javier.</P><P>We want to make sure that whatever code we upgrade to has the fix for vulnerability CSCtq10441. What I am wondering is why the release notes of 8.2.5.ED don't mention about that.</P></BODY></HTML> Fri, 28 Sep 2012 05:21:57 GMT https://community.cisco.com/t5/network-security/cisco-asa-vulnerability/m-p/2037966#M419641 Kashish_Patel 2012-09-28T05:21:57Z