Sign in / up

back to article Patch Cisco ASA ASAP: DNS, DHCPv6, UDP packets will crash them

Cisco has issued a firmware update to address four security flaws in its Adaptive Security Appliance (ASA) that open up the gear to denial-of-service attacks. By exploiting these bugs, six models in the ASA family can be forced to repeatedly reset, rendering the hardware useless. Vulnerable products include the Cisco ASA …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Crazy Operations Guy

    Too bad they charge for updates

    I wonder if these are subject to same to the same bullshit as Cisco's routers and switches were you can only get new versions of the software if you buy a ridiculously expensive support plan.

    0 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Too bad they charge for updates

      In a case of security issues, Cisco had better provide these for free or face serious lawsuits.

      0 0 Reply
      1. The Jester
        Reply Icon

        Re: Too bad they charge for updates

        Security updates are free, always have been, always will be.

        0 0 Reply
    2. Mr. Flibble
      Reply Icon

      Re: Too bad they charge for updates

      Yes, unfortunately they are.

      However, at least their website lists the checksums for free, so at least you can erm, find the files from other sources and check they aren't backdoored...

      1 0 Reply
  2. Anonymous Coward
    Anonymous Coward

    Reminds me of something - oh, 8 years ago!

    CVE-2015-6324, a vulnerability present in devices equipped with the DHCPv6 relay feature allowing an attacker to reset the device with a specially-crafted DHCPv6 packet

    We were stress-testing a mobile IP stack with randomly-generated malformed IPv6 packages one of which cleared the run-time configuration of the gateway router, killing the entire network for ... hours.

    Posted the bug & "magick package" to CISCO, never heard anything ever after.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like