S-144: Cisco PIX and ASA Time-to-Live Vulnerability
A crafted IP packet vulnerability exists in the Cisco PIX 500 Series Security Appliance (PIX) and the Cisco 5500 Series Adaptive Security Appliance (ASA) that may result in a reload of the device. The risk is LOW. May result in a reload of the device. This vulnerability is triggered during processing of a crafted IP packet when the Time-to-Live (TTL) decrement feature is enabled.
Hi all,
I need this as soon as possible to solve it or at least to find out what is the problem.
I have configured IPSec tunnels with Openswan and Cisco ASA, i have established a connection and the ping was fine, but after some time there is request time out from both sites. I don't have ASA... (0 Replies)
Hi,I want connect my ASA 5510 firewall to a 3750 switch with RIP routing. Unfortunately,I am having issues passing the VPN subnet through rip to the 3750.I don't understand how the routing table is populated on the ASA. Any suggestions? (0 Replies)
Hi,
I am trying to establish vpn between my linux server and cisco asa at client side.
I installed openswan on my cent os.
Linux Server
eth0 - 182.2.29.10
Gateway - 182.2.29.1
eth1 - 192.9.200.75
I have simple IPtables Like
WAN="eth0"
LAN="eth1" (0 Replies)
I having problem connecting to a Cisco PIX
Log from IKE
# /usr/lib/inet/in.iked -f /etc/inet/ike/config -d
Jan 16 00:40:57: 2012 (+0800) *** in.iked started ***
Jan 16 00:40:57: Loading configuration...
Jan 16 00:40:57: Checking lifetimes in "nullrule"
Jan 16 00:40:57: Using default value... (0 Replies)
machid(1) General Commands Manual machid(1)NAME
machid: hp9000s200, hp9000s300, hp9000s400, hp9000s500, hp9000s700, hp9000s800, hp-mc680x0, hp-pa, pdp11, u370, u3b, u3b10, u3b2, u3b5, vax
- provide truth value about processor type
SYNOPSIS DESCRIPTION
The following commands return a true value (exit code 0) if the a processor type matches the command name. Otherwise a false value (exit
code nonzero) is returned. These commands are commonly used within makefiles and shell procedures to improve portability of applications
(see make(1)).
+-----------+-------------------------++--------+--------------------------+
|Command | True for ||Command | True for |
+-----------+-------------------------++--------+--------------------------+
|hp9000s200 | Series 200 ||pdp11 | PDP-11/45 or PDP-11/70 |
|hp9000s300 | Series 300 ||u3b | 3B20 computer |
|hp9000s400 | Series 400 ||u3b2 | 3B2 computer |
|hp9000s500 | Series 500 ||u3b5 | 3B5 computer |
|hp9000s700 | Series 700 ||u3b10 | 3B10 computer |
|hp9000s800 | Series 800 or 700 ||u370 | IBM System/370 computer |
|hp-mc680x0 | Series 200, 300, or 400 ||vax | VAX-11/750 or VAX-11/780 |
|hp-pa | Series 700 or 800 || | |
+-----------+-------------------------++--------+--------------------------+
EXAMPLES
Given a shell script that must behave differently when run on an HP 9000 Series 700 or 800 system, select the correct code segment to be
executed:
WARNINGS
always returns true on both Series 800 and Series 700 systems. Therefore, when using this command in scripts to determine hardware type,
always use both and in the appropriate sequence to ensure correct results (see
machid(1) will no longer provide support for future machines beyond the Series 800 and Series 700 systems. Decisions should be based on
the hardware and software configuration information returned by getconf(1).
SEE ALSO getconf(1), make(1), sh(1), test(1), true(1).
machid(1)