<div dir="ltr"><div><div><div><strong>Note: Only traffic directed to the affected system can
be used to exploit this vulnerability.<br><br></strong></div>Which is to say, if your firewall grants external access to the control plane, you perhaps have larger issues.<br><br></div>Kind regards<br><br></div>Paul Wilkins<br></div><div class="gmail_extra"><br><div class="gmail_quote">On 14 February 2016 at 16:48, Ibrahim Kunduraci <span dir="ltr"><<a href="mailto:Ibrahim@amanah.net.au" target="_blank">Ibrahim@amanah.net.au</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">



<div style="word-wrap:break-word;color:rgb(0,0,0);font-size:16px;font-family:Calibri,sans-serif">
<div>
<div>
<div>The sad thing is, I know of a few Cisco “consultants” who’ve deemed the advisory as low risk..</div>
<div>
<div></div>
</div>
</div>
</div>
<div><br>
</div>
<span>
<div style="font-family:Calibri;font-size:12pt;text-align:left;color:black;BORDER-BOTTOM:medium none;BORDER-LEFT:medium none;PADDING-BOTTOM:0in;PADDING-LEFT:0in;PADDING-RIGHT:0in;BORDER-TOP:#b5c4df 1pt solid;BORDER-RIGHT:medium none;PADDING-TOP:3pt">
<span style="font-weight:bold">From: </span>AusNOG <<a href="mailto:ausnog-bounces@lists.ausnog.net" target="_blank">ausnog-bounces@lists.ausnog.net</a>> on behalf of Scott Howard <<a href="mailto:scott@doc.net.au" target="_blank">scott@doc.net.au</a>><br>
<span style="font-weight:bold">Date: </span>Friday, 12 February 2016 at 11:28 AM<br>
<span style="font-weight:bold">To: </span>Johnathon Brandis <<a href="mailto:jcbrandis@gmail.com" target="_blank">jcbrandis@gmail.com</a>><br>
<span style="font-weight:bold">Cc: </span>"ausnog@ausnog. net List" <<a href="mailto:ausnog@ausnog.net" target="_blank">ausnog@ausnog.net</a>><br>
<span style="font-weight:bold">Subject: </span>Re: [AusNOG] Cisco ASA - CVE-2016-1287 - Busy Night ahead<br>
</div><div><div class="h5">
<div><br>
</div>
<div>
<div>
<div dir="ltr">With all due respect, if you saw this come in overnight you probably need to reconsider where you are getting notifications for things like this from.
<div><br>
</div>
<div>This has been in the wild for over 30 hours already, and that's just from the public notification...</div>
<div><br>
</div>
<div>To put this one in context, the CVE scoring system goes from 0 to 10.  This got a 10, and probably deserves an 11 or 12...</div>
<div><br>
</div>
<div>  Scott</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Feb 11, 2016 at 2:42 PM, Johnathon Brandis <span dir="ltr">
<<a href="mailto:jcbrandis@gmail.com" target="_blank">jcbrandis@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Gday All
<div><br>
</div>
<div>Anyone else notice this fly in over night?</div>
<div><br>
</div>
<div><span style="color:rgb(135,135,135);font-family:arial,helvetica,'Helvetica Neue',HelveticaNeue,'Lucida Grande',sans-serif;font-size:13px;line-height:15px">CVE-2016-1287</span><br>
</div>
<div><span style="color:rgb(135,135,135);font-family:arial,helvetica,'Helvetica Neue',HelveticaNeue,'Lucida Grande',sans-serif;font-size:13px;line-height:15px"><br>
</span></div>
<div><font color="#878787" face="arial,helvetica,Helvetica Neue,HelveticaNeue,Lucida Grande,sans-serif"><span style="line-height:15px"><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike" target="_blank">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike</a></span></font><br>
</div>
<div><font color="#878787" face="arial,helvetica,Helvetica Neue,HelveticaNeue,Lucida Grande,sans-serif"><span style="line-height:15px"><br>
</span></font></div>
<div><font color="#878787" face="arial,helvetica,Helvetica Neue,HelveticaNeue,Lucida Grande,sans-serif"><span style="line-height:15px"><br>
</span></font></div>
<div><font color="#878787" face="arial,helvetica,Helvetica Neue,HelveticaNeue,Lucida Grande,sans-serif"><span style="line-height:15px">Sorry for the disturbance - JB</span></font></div>
</div>
<br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div></div></span>
</div>

<br>_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
<br></blockquote></div><br></div>