cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2220
Views
20
Helpful
10
Replies

CSCvg35618 - Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability - 5

bd-fisher
Level 1
Level 1

Hello,

I have been looking for the ASA software asa963-20-smp-k8.bin.

On the download page I can only see  asa963-1-smp-k8.bin

 

Can anyone supply the correct url or location for download?

 

regards,

Brian

 

*** Sorry for the post, I have located the file***

1 Accepted Solution

Accepted Solutions

No prob,  please mark Helpful and Solved!  Then prepare for the upgrade!

View solution in original post

10 Replies 10

Kyler Middleton
Level 1
Level 1

Hey Brian, 

 

Did you have to open a TAC case to locate the file? I have some 5515-X in production, and none of the fixed software referenced here are available on the download page. 

kyler

Be sure too look at the Interim Releases, see screen shot below.

 

Cisco_Systems.jpg

That's where they're hiding! Thanks Tim, I appreciate it. 

kyler

No prob,  please mark Helpful and Solved!  Then prepare for the upgrade!

Thanks for the screen shot Tim.

But 9.6(4) is available so why not use it? As per 9.6(3)20 RN:

 

"Important:  These images were not fully regression tested.  Each individual fix was unit tested, and the image has had a limited amount of automated regression testing to confirm a baseline of functionality.  Keep this testing status in mind if you decide to run them in a production environment.  We strongly encourage you to upgrade to a fully tested Maintenance or Feature release when it becomes available.

Revision:  Version 9.6(3)20 – 11/28/2017"

Why not just use 9.6(4)?  In my environment we need to do extensive reviews of known & fixed bugs, new features , changes to commands and parameters before Amy upgrade like that. Even if it’s as simple as 9.6(3) to 9.6(4). 

 

The interim releases only fix a few bugs, they are more like a patch than an upgrade.

 

Tim

I didn't think staying in the same code branch of 9.6 (from 3 to 4) would be an "upgrade" but I get what you are saying. I think my experience is getting burnt by people/past admins just leaving Interim releases and never going to the next MR/FR. Just out of curiosity you mention "your environment", are you running multiple context? 

Also leave this also to confusing documentation and RN by Cisco as on the 9.6 RN they state:

"Version 9.6(3) was removed from Cisco.com due to bug CSCvd78303."



@JazzyJ wrote:

Just out of curiosity you mention "your environment", are you running multiple context? 

Also leave this also to confusing documentation and RN by Cisco as on the 9.6 RN they state:

"Version 9.6(3) was removed from Cisco.com due to bug CSCvd78303."



Specifically, 9.6(3) was removed, in its place is 9.6(3.1). 

 

I don't run multiple context on the FW that terminates my VPN sessions.   When my org purchased these ASAs, site to site VPN or Remote Access VPN was not supported on ASA that ran multiple context.  Since then I believe S2S has been added and RA has been added if you have the expensive AC licenses. 

 

HTH

 

Tim

JazzyJ
Level 1
Level 1

Why not go to 9.6(4) which is a full release not interium? It shows as known fixed on the list below:

9.6.JPG964.JPG

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: