[AusNOG] Cisco ASA - CVE-2016-1287 - Busy Night ahead

[Paul Wilkins]

*Note: Only traffic directed to the affected system can be used to exploit
this vulnerability.*
Which is to say, if your firewall grants external access to the control
plane, you perhaps have larger issues.

Kind regards

Paul Wilkins

On 14 February 2016 at 16:48, Ibrahim Kunduraci <Ibrahim at amanah.net.au>
wrote:

> The sad thing is, I know of a few Cisco “consultants” who’ve deemed the
> advisory as low risk..
>
> From: AusNOG <ausnog-bounces at lists.ausnog.net> on behalf of Scott Howard <
> scott at doc.net.au>
> Date: Friday, 12 February 2016 at 11:28 AM
> To: Johnathon Brandis <jcbrandis at gmail.com>
> Cc: "ausnog at ausnog. net List" <ausnog at ausnog.net>
> Subject: Re: [AusNOG] Cisco ASA - CVE-2016-1287 - Busy Night ahead
>
> With all due respect, if you saw this come in overnight you probably need
> to reconsider where you are getting notifications for things like this
> from.
>
> This has been in the wild for over 30 hours already, and that's just from
> the public notification...
>
> To put this one in context, the CVE scoring system goes from 0 to 10.
> This got a 10, and probably deserves an 11 or 12...
>
>   Scott
>
>
> On Thu, Feb 11, 2016 at 2:42 PM, Johnathon Brandis <jcbrandis at gmail.com>
> wrote:
>
>> Gday All
>>
>> Anyone else notice this fly in over night?
>>
>> CVE-2016-1287
>>
>>
>> https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike
>>
>>
>> Sorry for the disturbance - JB
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160214/dfcbd4fe/attachment.html>