
Vulnerabilities with ASA Service Module

aespanola
Level 1

Cisco just recently released security updates for ASA due to a number of vulnerabilities (see below). We don't provide any DNS, DHCP or VPN services in our ASA but our software image is listed as affected. Do we really need to upgrade the code? How can we check if DNS, DHCP and IKE features are enabled or if they're running in ASA? The command 'show version' doesn't display it. Please advise.

 

Thanks in advance!

 

/Arnel

 

Cisco Releases Security Updates

10/21/2015 06:43 PM EDT

 

Original release date: October 21, 2015

Cisco has released updates to address multiple vulnerabilities in its Adaptive Security Appliance (ASA) software. Exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Cisco security advisories on the ASA DNS Vulnerability 1, ASA DNS Vulnerability 2, ASA DHCP Vulnerability, and ASA IKE Vulnerability and apply the necessary updates.

 

 


Accepted Solutions

Marvin Rhoads
Hall of Fame

Your running configuration will tell you whether you are using any of the affected features.

DNS and DHCP can be found with:

show run | i dns

show run | i dhcp

IKEv1 is a little less straightforward as there are some IKE commands even in the factory default configuration, although they may not be used in many setups. Just inspect the configuration to see whether there are any site-site or remote access IPsec VPNs set up.


2 Replies

Thank you Marvin.

 

Just an FYI.

 

The vulnerability says "if at least one DNS server IP address is configured under a DNS server group"

 

We only have domain-name configured but not a name-server so we're good.
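
One way to run the check discussed in this thread against a saved copy of the running configuration, as an added example that is not part of the original posts or any Cisco tooling: it separates lines that only mention DNS, DHCP or IKE from lines that switch the feature on. The sample configuration is constructed and the DHCP and IKE "enable" patterns are assumed heuristics; the DNS rule is the name-server condition quoted above.

```python
import re

# Constructed sample `show running-config` excerpt (not taken from the thread).
SAMPLE = """\
dns server-group DefaultDNS
 domain-name example.com
dhcpd address 192.0.2.10-192.0.2.50 inside
crypto ikev1 policy 10
 authentication pre-share
crypto ikev1 enable outside
"""

# Assumed heuristics: lines that switch a feature on, versus lines that merely
# mention it. Confirm the exact vulnerable conditions in each Cisco advisory.
ACTIVE = {
    "dhcp": re.compile(r"^(dhcpd|dhcprelay|ipv6 dhcprelay) enable \S+"),
    "ike": re.compile(r"^crypto (ikev1|ikev2|isakmp) enable \S+"),
}
MENTION = {
    "dns": re.compile(r"^dns "),
    "dhcp": re.compile(r"dhcp"),
    "ike": re.compile(r"^crypto (ikev1|ikev2|isakmp) "),
}

def audit(config_text):
    """Return {feature: {"mentioned": [...], "active": [...]}}."""
    report = {f: {"mentioned": [], "active": []} for f in MENTION}
    in_dns_group = False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        top_level = not raw.startswith(" ")
        if top_level:
            in_dns_group = line.startswith("dns server-group ")
        elif in_dns_group and line.startswith("name-server "):
            # Condition quoted in the thread: a server IP under a DNS server group.
            report["dns"]["active"].append(line)
            continue
        if not top_level:
            continue  # other sub-mode lines (policies, interfaces) are not classified
        for feature, pattern in MENTION.items():
            if pattern.search(line):
                on = feature in ACTIVE and ACTIVE[feature].match(line)
                report[feature]["active" if on else "mentioned"].append(line)
    return report

if __name__ == "__main__":
    for feature, hits in audit(SAMPLE).items():
        print(feature, "ACTIVE" if hits["active"] else "not active", hits)
```

A feature that shows up only under "mentioned" still needs a manual look, since this does not inspect crypto maps, tunnel groups or interface-level DHCP client settings.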

 

 
