Last Updated: 2008-06-04 20:04:45 UTC - "Cisco has released details* on 5 vulnerabilities with their PIX and ASA product lines. In short, the quick bullet list of vulnerabilities is:
- Crafted TCP ACK Packet Vulnerability (Denial of Service)
- Crafted TLS Packet Vulnerability (Denial of Service)
- Instant Messenger Inspection Vulnerability (Denial of Service)
- Vulnerability Scan Denial of Service (Denial of Service)
- Control-plane Access Control List Vulnerability (Bypass ACL)
Updates are available to fix all of the above and there are no workarounds for the final four of these. In short, update your devices. Good news is that these were internal finds and it doesn't appear there is exploitation or "public" knowledge of the vulnerability details to create exploits."
Software Versions and Fixes