S-307: Multiple Vulnerabilities in Cisco PIX and Cisco ASA
Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. The risk is MEDIUM. Successful exploitation of the vulnerabilities may cause a reload of the affected device, repeated exploitation could result in a sustained Denial-of-Service (DoS) condition, and may allow an attacker to bypass control-plane ACLs and successfully send malicious traffic to the device.
Hi all,
I need this as soon as possible to solve it or at least to find out what is the problem.
I have configured IPSec tunnels with Openswan and Cisco ASA, i have established a connection and the ping was fine, but after some time there is request time out from both sites. I don't have ASA... (0 Replies)
Hi,I want connect my ASA 5510 firewall to a 3750 switch with RIP routing. Unfortunately,I am having issues passing the VPN subnet through rip to the 3750.I don't understand how the routing table is populated on the ASA. Any suggestions? (0 Replies)
Hi,
I am trying to establish vpn between my linux server and cisco asa at client side.
I installed openswan on my cent os.
Linux Server
eth0 - 182.2.29.10
Gateway - 182.2.29.1
eth1 - 192.9.200.75
I have simple IPtables Like
WAN="eth0"
LAN="eth1" (0 Replies)
I having problem connecting to a Cisco PIX
Log from IKE
# /usr/lib/inet/in.iked -f /etc/inet/ike/config -d
Jan 16 00:40:57: 2012 (+0800) *** in.iked started ***
Jan 16 00:40:57: Loading configuration...
Jan 16 00:40:57: Checking lifetimes in "nullrule"
Jan 16 00:40:57: Using default value... (0 Replies)
Info::CiscoStats(3pm) User Contributed Perl Documentation Info::CiscoStats(3pm)NAME
SNMP::Info::CiscoStats - Perl5 Interface to CPU and Memory stats for Cisco Devices
AUTHOR
Eric Miller, Max Baker, Sam Stickland
SYNOPSIS
# Let SNMP::Info determine the correct subclass for you.
my $ciscostats = new SNMP::Info(
AutoSpecify => 1,
Debug => 1,
# These arguments are passed directly on to SNMP::Session
DestHost => 'myswitch',
Community => 'public',
Version => 2
)
or die "Can't connect to DestHost.
";
my $class = $ciscostats->class();
print "SNMP::Info determined this device to fall under subclass : $class
";
DESCRIPTION
SNMP::Info::CiscoStats is a subclass of SNMP::Info that provides cpu, memory, os and version information about Cisco Devices.
Use or create in a subclass of SNMP::Info. Do not use directly.
Inherited Classes
None.
Required MIBs
CISCO-PRODUCTS-MIB
CISCO-PROCESS-MIB
CISCO-MEMORY-POOL-MIB
SNMPv2-MIB
OLD-CISCO-SYSTEM-MIB
CISCO-STACK-MIB
CISCO-ENTITY-VENDORTYPE-OID-MIB
CISCO-FLASH-MIB
ENTITY-MIB
MIBs can be found at ftp://ftp.cisco.com/pub/mibs/v2/v2.tar.gz
GLOBALS
$ciscostats->cpu()
Returns ios_cpu() or cat_cpu(), whichever is available.
$ciscostats->cpu_1min()
Returns ios_cpu_1min() or cat_cpu1min(), whichever is available.
$ciscostats->cpu_5min()
Returns ios_cpu_5min() or cat_cpu5min(), whichever is available.
$ciscostats->mem_total()
Returns mem_free() + mem_used()
$ciscostats->vendor()
'cisco'
$ciscostats->os()
Tries to parse if device is running IOS or CatOS from description()
Available values :
pix Cisco PIX
asa Cisco ASA
fwsm
Single-mode FWSM
fwsm-admin
Admin context of multi-context FWSM
fwsm-context
Standard context of multi-context FWSM
ace-admin
Admin context of ACE module
ace-context
Standard context of ACE module (NB: No OS version detection is available, but will be the same as it's 'ace admin')
css Cisco Content Switch
css-sca
Cisco Content Switch Secure Content Acceleration
$ciscostats->os_ver()
Tries to parse device operating system version from description()
$ciscostats->os_bin()
Tries to parse ROMMON version from rom_id() string
$ciscostats->ios_cpu()
Current CPU usage in percent.
1.3.6.1.4.1.9.2.1.56.0 = "OLD-CISCO-CPU-MIB:avgBusyPer"
$ciscostats->ios_cpu_1min()
Average CPU Usage in percent over the last minute.
1.3.6.1.4.1.9.2.1.57.0
$ciscostats->ios_cpu_5min()
Average CPU Usage in percent over the last 5 minutes.
1.3.6.1.4.1.9.2.1.58.0
$ciscostats->cat_cpu()
Current CPU usage in percent.
"CISCO-PROCESS-MIB::cpmCPUTotal5sec.9"
$ciscostats->cat_cpu_1min()
Average CPU Usage in percent over the last minute.
"CISCO-PROCESS-MIB::cpmCPUTotal1min.9"
$ciscostats->cat_cpu_5min()
Average CPU Usage in percent over the last 5 minutes.
"CISCO-PROCESS-MIB::cpmCPUTotal5min.9"
$ciscostats->mem_free()
Main DRAM free of the device in bytes.
"CISCO-MEMORY-POOL-MIB::ciscoMemoryPoolFree"
$ciscostats->mem_used()
Main DRAM used of the device in bytes.
"CISCO-MEMORY-POOL-MIB::ciscoMemoryPoolUsed"
$ciscostats->mem_total()
Main DRAM of the device in bytes.
"CISCO-MEMORY-POOL-MIB::ciscoMemoryPoolFree" + "CISCO-MEMORY-POOL-MIB::ciscoMemoryPoolUsed"
$ciscostats->flashmem_total()
Flash memory of the device in bytes.
"CISCO-FLASH-MIB::ciscoFlashDeviceSize"
TABLE METHODS
Cisco Memory Pool Table ("ciscoMemoryPoolTable")
$ciscostats->cisco_mem_free()
The number of bytes from the memory pool that are currently unused on the managed device.
("ciscoMemoryPoolFree")
$ciscostats->cisco_mem_used()
The number of bytes from the memory pool that are currently in use by applications on the managed device.
("ciscoMemoryPoolUsed")
Cisco Flash Device Table ("ciscoFlashDeviceTable")
$ciscostats->cisco_flash_size()
Total size of the Flash device. For a removable device, the size will be zero if the device has been removed.
("ciscoFlashDeviceSize")
perl v5.12.4 2011-09-28 Info::CiscoStats(3pm)