07-15-2016 05:33 AM - edited 03-10-2019 12:41 AM
I have been asked to patch the ASA for the Cisco Advisory ID: cisco-sa-20160323-ios-ikev2.
(A vulnerability in the Internet Key Exchange (IKE) version 2 (v2) fragmentation code of Cisco IOS and IOS XE Software could allow an
unauthenticated, remote attacker to cause a reload of the affected system.)
I was trying to find out how to patch the ASA. Is it a complete IOS upgrade or is there actually a patch for the fix
Our ASA is a 5550 software version 8.4(2) with Device Manager 6.4(5)206.
Any help will be most appreciated, so I can then acquire the correct file etc..
The advisory notice doesn't actually detail the process involved.
07-16-2016 12:47 AM
It is a complete new IOS version.
Note that the 5550 is a pretty old model now, so don't be surprised if new software has not been release for it to resolve the issue.
07-18-2016 08:49 AM
The vulnerability report states that the ASA is not vulnerable to this bug. But you should be more concerned about http://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20160210-asa-ike.html. That one is most likely relevant to your ASA.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide