CertCities.com -- The Ultimate Site for Certified IT Professionals
Visit CertCities.com Forums and Ost Your Mind Share share | bookmark | e-mail
  Microsoft®
  Cisco®
  Security
  Oracle®
  A+/Network+"
  Linux/Unix
  More Certs
  Newsletters
  Salary Surveys
  Forums
  News
  Exam Reviews
  Tips
  Columns
  Features
  PopQuiz
  RSS Feeds
  Press Releases
  Contributors
  About Us
  Search
 

Advanced Search
  Free Newsletter
  Sign-up for the #1 Weekly IT
Certification News
and Advice.
Subscribe to CertCities.com Free Weekly E-mail Newsletter
CertCities.com

See What's New on
Redmondmag.com!

Cover Story: IE8: Behind the 8 Ball

Tech-Ed: Let's (Third) Party!

A Secure Leap into the Cloud

Windows Mobile's New Moves

SQL Speed Secrets

CertCities.com
Let us know what you
think! E-mail us at:
 
 
...Home ... Editorial ... News ..News Story Tuesday: December 28, 2010


Another Cisco PIX, ASA Flaw Found


5/14/2007 -- It's been a rough stretch for Cisco Systems Inc.'s PIX and ASA appliances. Earlier this month, Cisco alerted users to the existence of multiple LDAP and denial-of-service (DoS) vulnerabilities in both products.

Then, in a follow-up to a bulletin published by US-CERT, Cisco acknowledged the existence of another PIX and ASA vulnerability -- this time, a DHCP Relay Agent flaw that could lead to DoS.

The vulnerability affects PIX and ASA system software versions 7.2(1) through 7.2(2.14) only. In cases where PIX and ASA appliances have been configured to act as DHCP relays, the DHCPACK messages that it receives from DHCP servers (typically in response to DHCPREQUEST or DHCPINFORM traffic from clients) may cause the 1550 byte block memory to be consumed. Both devices use 1550 byte block memory to store Ethernet packets for processing.

When the available 1550 byte block memory is finally exhausted, the appliance will stop forwarding packets, Cisco said.

The vulnerability affects only devices configured as DHCP relays for multiple DHCP servers; devices configured to relay to only a single DHCP server are not vulnerable, Cisco confirmed.

Cisco provided system software fixes to patch both its PIX and ASA appliances. --Stephen Swoyer

There are 1852 CertCities.com user Comments for “Another Cisco PIX, ASA Flaw Found”
Page 1 of 186
10/11/09: tramadol no prescrip from New York says: Beautiful site!
10/11/09: health care product from New York says: I bookmarked this link. Thank you for good job!
10/11/09: extra cheap phenterm from New York says: Great. Now i can say thank you!
10/11/09: 100 tramadol pill from New York says: I bookmarked this link. Thank you for good job!
10/11/09: tramadol free fedex from New York says: Beautiful site!
10/12/09: pulmonary hypertensi from New York says: Excellent site. It was pleasant to me.
10/12/09: online adipex withou from New York says: Great. Now i can say thank you!
10/12/09: ordering information from New York says: Great site. Good info.
10/12/09: employers view trama from New York says: Great. Now i can say thank you!
10/12/09: to order adipexs wit from New York says: I bookmarked this link. Thank you for good job!
First Page   Next Page   Last Page
Your comment about: “Another Cisco PIX, ASA Flaw Found”
Name: (optional)
Location: (optional)
E-mail Address: (optional)
Comment:
   

-- advertisement (story continued below) --

top
Home | Microsoft® | Cisco® | Oracle® | A+/Network+" | Linux/Unix | MOS | Security | List of Certs
Advertise | Contact Us | Contributors | Features | Forums | News | Pop Quiz | Tips | Press Releases | RSS Feeds RSS Feeds from CertCities.com
Search | Site Map | Redmond Media Group | TechMentor Conferences | Tech Library Webcasts
This Web site is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc., Microsoft Corp., Oracle Corp., The Computing Technology Industry Association, Linus Torvolds, or any other certification or technology vendor. CiscoÆ and Cisco SystemsÆ are registered trademarks of Cisco Systems, Inc. Microsoft, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corp. OracleÆ is a registered trademark of Oracle Corp. A+Æ, i-Net+T, Network+T, and Server+T are trademarks and registered trademarks of The Computing Technology Industry Association. (CompTIA). LinuxT is a registered trademark of Linus Torvalds. All other trademarks belong to their respective owners.
Reprints allowed with written permission from the publisher. For more information, e-mail
Application Development Trends | Campus Technology | CertCities.com | The Data Warehousing Institute
E-Gov | EduHound | ENTmag.com | Enterprise Systems | Federal Computer Week | FTPOnline.com | Government Health IT
IT Compliance Institute | MCPmag.com | Recharger | Redmond Developer News | Redmond | Redmond Events | Redmond Channel Partner | Redmond Report
TCPmag.com | T.H.E. Journal | Virtualization Review | Visual Studio Magazine | VSLive!
Copyright 1996-2009 1105 Media, Inc. See our Privacy Policy.
1105 Redmond Media Group