[20201] in bugtraq
Re: PIX Firewall 5.1 DoS Vulnerability
daemon@ATHENA.MIT.EDU (Scott Raymond)
Fri Apr 13 07:34:48 2001
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-ID: <001901c0c2de$4aaa58e0$f13d0ad1@linknet.com>
Date: Wed, 11 Apr 2001 16:22:33 -0700
Reply-To: scott@link-net.com
From: Scott Raymond <scott@link-net.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <027001c0c129$14b7e5b0$1a01010a@sid>
Content-Transfer-Encoding: 8bit
By the way, I recently upgraded a PIX 515 at work. The folks at Cisco
inform me that the latest software binary image, 5.3.1, is broken. They
suggest upgrading to 5.2.5, which has all of the updates in 5.3.1,
including the elimination of the DoS vulnerability.
It also doesn't hurt to upgrade to fix the duplicate SMTP message
problem with PIX 4.x.
--
Scott
=======================
Scott Raymond
http://soundamerica.com
=======================
> From: "Claudiu Calomfirescu" <claudiu@DATANETS.RO>
> >
> > Description:
> > ------------
> > An attacker from inside or outside interfaces of a
> > PIX Firewall 515 or 520, 5.1.4 version running aaa
> > authentication against a TACACS+ Server could
> > cause the PIX to crash and reload by overwhelming
> > it with authentication requests.
