Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
629
Views
0
Helpful
2
Replies

cisco asa vulnerability

Kashish_Patel
Level 2
Level 2

‎09-27-2012 10:03 PM - edited ‎03-11-2019 05:00 PM

We might be affected by "Cisco ASA UDP Inspection Engine Denial of Service Vulnerability - CSCtq10441" per

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa#software

So we want to move to a release in 8.2 code series which has the fix for the above vulnerability. Per above list, fix should be in 8.2(5.5) code, however, I am not able to see this or any later code on cisco website. I see "Release 8.2.5.ED" on cisco site. Is 8.2(5.5) not available for download now, or is 8.2.5.ED is the one which has the fix? I don't see CSCtq10441 mentioned anywhere in the release notes for 8.2.5.ED

http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html

We dont want to move to 8.3 onwards as there are lots of bugs in it.

Thanks,

Kashish

Labels:
0 Helpful
2 Replies 2

Javier Portuguez
Level 9
Level 9

‎09-27-2012 10:14 PM

Hi Kanish,

Please use the latest 8.2.5 available on the website, it should be the most stable release.

Thanks.

Portu.

Please rate any helpful posts.

0 Helpful

Kashish_Patel
Level 2
Level 2
In response to Javier Portuguez

‎09-27-2012 10:21 PM

Thanks for the reply, Javier.

We want to make sure that whatever code we upgrade to has the fix for vulnerability CSCtq10441. What I am wondering is why the release notes of 8.2.5.ED don't mention about that.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card