Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Cisco issues security patches for its Adaptive Security Appliances

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

May 18, 2016

Cisco asserted today that it has issued new patches to users of its Adaptive Security Appliances (ASA), as it normally does regularly.

The two newly-announced security fixes are bulletin CVE-2016-1379, a VPN block memory exhaustion security vulnerability, and CVE-2016-1385, a security issue with the ASA XML parser itself.

The memory exhaustion vulnerability affects ASA software releases later than 9.0, and can be exploited remotely, Cisco warned.

The software has a bug in how it handles ICMP errors in IPsec packets, and crafted packets sent either through LAN-to-LAN or remote access VPN tunnels can “deplete available memory”.

That results in a denial-of-service, either because the system becomes unstable or it stops forwarding traffic altogether.

The software is vulnerable if the user utilizes IKEv1 or IKEv2 for LAN-to-LAN VPNs, or remote access VPNs using Layer 2 Tunnelling Protocol and Ipsec, and if the system is validating ICMP errors.

However, the XML parser security vulnerability is less serious, because it can only be exploited by an authenticated user.

A local system administrator can crash the appliance by tricking the ASA into parsing a malicious XML file while someone with Clientless SSL VPN access can send a crafted XML file over their connection.

In either case, because the XML parser isn't sufficiently hardened, the malicious file can force a system reload.

All ASA releases are affected, and Cisco has released all the related security patches, the networking company asserts.

Source: Cisco.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer