09-27-2012 10:03 PM - edited 03-11-2019 05:00 PM
We might be affected by "Cisco ASA UDP Inspection Engine Denial of Service Vulnerability - CSCtq10441" per
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa#software
So we want to move to a release in 8.2 code series which has the fix for the above vulnerability. Per above list, fix should be in 8.2(5.5) code, however, I am not able to see this or any later code on cisco website. I see "Release 8.2.5.ED" on cisco site. Is 8.2(5.5) not available for download now, or is 8.2.5.ED is the one which has the fix? I don't see CSCtq10441 mentioned anywhere in the release notes for 8.2.5.ED
http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html
We dont want to move to 8.3 onwards as there are lots of bugs in it.
Thanks,
Kashish
09-27-2012 10:14 PM
Hi Kanish,
Please use the latest 8.2.5 available on the website, it should be the most stable release.
Thanks.
Portu.
Please rate any helpful posts.
09-27-2012 10:21 PM
Thanks for the reply, Javier.
We want to make sure that whatever code we upgrade to has the fix for vulnerability CSCtq10441. What I am wondering is why the release notes of 8.2.5.ED don't mention about that.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide