Cisco warned a new security vulnerability in ASA and PIX

On May 2, Cisco Systems warned of a number of security holes in the Adaptive Security Appliances (ASA) and PIX firewall products, which could allow an attacker to bypass the mechanism of identifying or enforcing attack methods. DoS public.

Two of the above vulnerabilities affect the process of setting up the Lightweight Directory Access Protocol (LDAP) identifier and may allow an attacker to take control of the application or gain unauthorized access to the local network without must login.

Picture 1 of Cisco warned a new security vulnerability in ASA and PIX Meanwhile, two other vulnerabilities affect devices used to disconnect virtual private networks (VPNs), which could facilitate hackers to disconnect binary users of VPNs and confuse traffic. Transport VPN.

Cisco has issued an upgrade for the above vulnerabilities. Cisco ASA and PIX versions of applications 7.1 and 7.2 may also be affected, depending on the configuration.

As of February 2007, Cisco has patched five vulnerabilities in the PIX 500 and ASA 5500 security applications.