cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

2065
Views
0
Helpful
2
Replies
walter.perera
Beginner

Vulnerability in Cisco ASA

Hi all:

Executing a Vulnerability Assessment in an ASA 5510, it has detected a "SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection". As a recommendation, it suggest to contact the supplier to find any patch. As of now, we couldn't find any patch.

Could you please help us?

IOS ver is Cisco Adaptive Security Appliance Software Version 8.0(3)6
asa803-6-k8.bin

Thanks

2 REPLIES 2
Farrukh Haroon
Engager

Download the latest ASA code and disable SSH V1 on your ASA.

It should fix it (if there is any issue in the first place)!


Regards

Farrukh

This is the one you are talking about: http://www.cisco.com/warp/public/707/cisco-sa-20080604-asa.shtml

fixed in 8.0.3(9) and on.

You can download the code here: http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=268438162

-KS