Gladiator Research and Security

GSA Reference Number: AD100217-01

Simply Put: Cisco has released an advisory for multiple vulnerabilities with Cisco ASA 5500 devices.  This advisory identifies six new denial of service vulnerabilities and one new authentication bypass vulnerability.  An update from Cisco is available to address these issues and should be applied as soon as possible.  Gladiator will be testing this update for compatibility and stability and will then notify affected clients if an update is necessary.

GSA Reference Number: AD090409-01

Simply Put: Cisco has announced a number of newly discovered vulnerabilities in both their Cisco ASA 5500 Series and Cisco PIX Security Appliances running 7.x and 8.x firmware versions.  These vulnerabilities cover SSL and IPSec VPN Connectivity, Access-List Restrictions, and Packet Inspection.  The vulnerabilities in this latest Cisco release are considered critical by Gladiator. We will be reviewing all CoreDefense monitored Cisco ASA and PIX devices for susceptibility.

GSA Reference Number: AD081024-01

Simply Put: Cisco has announced three vulnerabilities in Cisco ASA and PIX devices.  The vulnerabilities cover Windows NT Domain authentication, IPv6, and the Crypto Accelerator. Gladiator will be reviewing all monitored client Cisco devices to determine what IOS version they are running.  If a device is out of date, it will be updated.

GSA Reference Number: AD080903-01

Simply Put: Cisco has announced five vulnerabilities in their Cisco ASA 5500 and PIX devices.  The vulnerabilities deal with denial of service to the device or information disclosure.  The denial of service issues will cause the device to reload, if exploited.  For a comprehensive list of affected IOS versions, refer to the Cisco article linked below. Gladiator will be reviewing all client Cisco devices to determine what IOS version they are running.  If a device is out of date, it will be updated starting this weekend.