Cisco PIX and CBAC Fragmentation Attack

The vulnerability on the PIX Firewall has been assigned Cisco bug ID CSCdk36273. Version 4.2(2) of the PIX Firewall software fixes the vulnerability and is available freely.

The vulnerability in the CBAC feature has been assigned Cisco bug ID CSCdk41516. The free software fix for the CBAC feature is targeted for releases 12.0(2) and 12.0(3)T.

Fixes can either be obtained through the support channel or by contacting a Cisco TAC as detailed in the advisory (see reference).


Privacy Statement
Copyright 2010, SecurityFocus