So call me crazy, but is it not logical that 9.3.2(200) would be a later release, than a 9.3.2(2)?!??!

And right now, I don't even the 9.3.2(200) as a download at all. Quit confusing the issues Cisco. LOL

Ok, well at this point I am happy with our 9.4.1 OS and will keep tabs on any other issues that this release presents to us.

Mate I'm not saying it's making any sense, I'm just saying that's the way it is :)

Hi,

I am unable to identify 8.2.5.55 ios.

Kindly provide the link from where i can download this ios to restore this issues.

As of now my device running Adaptive Security Appliance Software Version 8.2(5) | asa825-k8.bin.

Hence kindly do the needful to restore poodle attack.

Hellow CISCO, ETA please? PCI is waiting for this.

@Bojan - Can you advise where you got this information from, that Cisco will fix it next year? We have 2 x 5540's that we need to get patched/secured.

Hello,

I got this information from cisco TAC engineer Ahmad Alhajar -X (aalhajar) <aalhajar@cisco.com> aalhajar@cisco.com. 

Dear Bojan,

The vulnerability is related to CVE-2014-8730 and it is tracked under bug CSCus08101 'ASA: evaluation of Poodle Bites in TLSv1'

https://tools.cisco.com/bugsearch/bug/CSCus08101/?reffering_site=dumpcr

This vulnerability is not fixed yet and the development team is still working on the fix.

AS an ETA for the fix is at the beginning of 2015 but there is no exact day for it yet, I already submitted you to that bug so you will receive updated about it.

If you have any more concerns about this issue please feel free to contact me, if not so we can proceed with the closure.

Kind Regards,

Ahmad.

**Working hours (Monday-Friday 7am-3pm GMT) - For assistance outside these hours or while I am not available, please contact Cisco’s Front Line. Click here for the numbers:

http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html

Hi Bojan,

i have also an TAC Case on this issue. My TAC engineer told me that a POODLE fixed ASA release for Version 8.4 will be available in last week of january and a fixed release for version 9.0 and 9.1 in first or second week of february:

----------------------------------------------------------------------------------

Hi Ayhan,

Thanks for the update.

The poodle bites in tlsv1 is fixed in 8.4.7.25 for ASA 5510/5520/5540 which is supposed to be released in the last week of January. Also, there would be some fixes in 9.0.4 and 9.1.6 for ASA 5510/5520/5540 which will be available by first or second week of February.

These are target dates and are subject to fluctuation due to development release activities.

Regards,

Aafreen

--------------------------------------------------------------------------------------

according to my knowledge this is fixed with 9.2.3.3 and 9.1.6

Raj