Security Alert
Vulnerability in PIX and ASA Appliances

Description
Some vulnerability was found in Cisco Adaptive Security Appliance (ASA) and PIX security appliances:

- Lightweight Directory Access Protocol (LDAP) authentication bypass vulnerabilities.
An unspecified error exists when using the LDAP authentication mechanism, which can be exploited to bypass the authentication and gain access to the device or the network.

- Denial of Service (DoS) vulnerabilities.
DoS vulnerabilities may be triggered when devices are terminating Virtual Private Networks (VPN). These denial of service vulnerabilities may allow an attacker to disconnect VPN users, prevent new connections, or prevent the device from transmitting traffic.


Product affected
LDAP Authentication bypass
- 7.2 versions prior to 7.2(2)8

Denial of Service in VPNs with password expiry
- 7.1 versions prior to 7.1(2)49, 7.2 versions prior to 7.2(2)17

Denial of Service in SSL VPNs
- .1 versions prior to 7.1(2)49, 7.2 versions prior to 7.2(2)19

Solution
Update the affected products to latest version


Source
Cisco
Free Seminar

How to enhance your internet access control?

 
Promotion

Promotion 1: Hosted Exchange Service Promotion
Promotion 2: Microsoft Get The Power III

 

Enquiry Hotline: 2102 5894    Email: marketing@nexus-hk.com
If you don't want to receive our marketing information, please click here, we will promptly delete it. All the above informations are for reference only.