Cisco Releases Security Advisories to Address Vulnerabilities in PIX, ASA, and AVS

Home

US-CERT Computer Emergency Readiness Team

Cisco has released Security Advisory cisco-sa-20080123-asa and cisco-sa-20080123-avs to address vulnerabilities in the PIX 500 Series Security Appliance (PIX), 5500 Series Adaptive Security Appliance (ASA), and Application Velocity System (AVS).

The vulnerability affecting the PIX and ASA devices could allow a remote attacker to cause a denial-of-service condition. The vulnerability affecting AVS could allow an attacker to gain full administrative rights to the system or user-level access to the host operating system.

More information about these vulnerabilities is located in the following Cisco documents:

Cisco Security Advisory: Cisco PIX and ASA Time-to-Live Vulnerability (cisco-sa-20080123-asa)
Cisco Security Advisory: Default Passwords in the Application Velocity System (cisco-sa-20080123-avs)

US-CERT encourages administrators to apply the fixes and workarounds described in the following documents:

Cisco Security Advisory: Cisco PIX and ASA Time-to-Live Vulnerability (cisco-sa-20080123-asa)
Cisco Security Advisory: Default Passwords in the Application Velocity System (cisco-sa-20080123-avs)

US-CERT will continue to monitor these issues and provide additional information as it becomes available.

Cisco Releases Security Advisories to Address Vulnerabilities in PIX, ASA, and AVS

Popular Words in Internet Security Alerts

Related Items