[AusNOG] Cisco ASA - CVE-2016-1287 - Busy Night ahead

Chris Lee chris at datachaos.com.au
Tue Feb 16 14:40:16 EST 2016


Has anyone tried 8.2.5(59) interim release yet for this ?

Currently stuck on an 8.2.5 release on a couple of ASA's and only 2-3 weeks
away from migrating over to new Juniper SRX and MX kit so would rather not
expend the effort into trying to migrate hundreds of NAT rules to the newer
9.1.7 release and causing more problems.

http://www.cisco.com/web/software/280775065/45357/ASA-825-Interim-Release-Notes.html

Revision:  Version 8.2.5(59) – 2/13/2016
Files:  asa825-59-k8.bin, asa825-59-smp-k8.bin
Defects resolved since 8.2.5(58):
CSCux29978 ASA IKEv1 and IKEv2 Vulnerability
CSCux42019 IKEv2 Fragments may get dropped with a specific sequence of
fragments

Cheers,
Chris

On Fri, Feb 12, 2016 at 8:42 AM, Johnathon Brandis <jcbrandis at gmail.com>
wrote:

> Gday All
>
> Anyone else notice this fly in over night?
>
> CVE-2016-1287
>
>
> https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike
>
>
> Sorry for the disturbance - JB
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160216/9f850c90/attachment.html>


More information about the AusNOG mailing list