12-18-2003, 10:47 AM
Quote:Two vulnerabilities in Cisco PIX Firewall devices can result in a Denial of Service (DoS) condition on the vulnerable system. Under certain conditions, an established VPNC IPSecurity (IPSec) tunnel connection drops if another IPSec client attempts to initiate an Internet Key Exchange (IKE) Phase I negotiation to the outside interface of the VPN client-configured Cisco PIX firewall. Also, the Cisco PIX firewall crashes and reloads while processing a received SNMP v3 message when snmp-server host <ip_addr> is configured on the Cisco PIX firewall. This problem occurs even if the Cisco PIX firewall doesn't support SNMP v3. Cisco has released a security bulletin concerning these vulnerabilities and recommends that affected customers obtain the patch through normal support channels.
PIX is being a pain again ! :-D