Cisco IKE Fragmentation Vulnerability

A Cisco ASA appliance was found to be affected by a remote code execution vulnerability. A buffer overflow can be caused by fragmented UDP IKE packets, potentially leading to execution of arbitrary code.

More information on this vulnerability can be found at the following URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike

Devices should be upgraded to a patched version of IOS. To find an appropriate patch level for the device, consult this table:

| Version | Patch to |
|---------|----------|
| 7.2¹ | Affected; migrate to 9.1(6.11) or later |
| 8.0¹ | Affected; migrate to 9.1(6.11) or later |
| 8.1¹ | Affected; migrate to 9.1(6.11) or later |
| 8.2¹ | 8.2(5.59)² |
| 8.3¹ | Affected; migrate to 9.1(6.11) or later |
| 8.4 | 8.4(7.30) or later |
| 8.5¹ | Not affected |
| 8.6¹ | Affected; migrate to 9.1(6.11) or later |
| 8.7 | 8.7(1.18) or later |
| 9.0 | 9.0(4.38) or later |
| 9.1 | 9.1(6.11) or later |
| 9.2 | 9.2(4.5) or later |
| 9.3 | 9.3(3.7) or later |
| 9.4 | 9.4(2.4) or later |
| 9.5 | 9.5(2.2) or later |
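The table above can be applied to a device inventory with a short script. The following is an added example, not part of the original page or of Cisco's advisory. The function names and sample hosts are hypothetical, and it assumes a version is written either as 9.1(6.11) or as 9.1(6)11 and that the 8.2 entry means "8.2(5.59) or later".

```python
import re

NOT_AFFECTED = "not affected"
MIGRATE_TO = "9.1(6.11)"  # migration target named in the table
# First fixed release per train, copied from the table. None means the train
# has no fix of its own and the table says to migrate.
FIXED = {
    "7.2": None, "8.0": None, "8.1": None, "8.3": None, "8.6": None,
    "8.2": "8.2(5.59)",  # assumption: treated as "8.2(5.59) or later"
    "8.4": "8.4(7.30)", "8.5": NOT_AFFECTED, "8.7": "8.7(1.18)",
    "9.0": "9.0(4.38)", "9.1": "9.1(6.11)", "9.2": "9.2(4.5)",
    "9.3": "9.3(3.7)", "9.4": "9.4(2.4)", "9.5": "9.5(2.2)",
}

def parse_version(text):
    """Turn '9.1(6.11)' or '9.1(6)11' into a comparable tuple (9, 1, 6, 11)."""
    nums = tuple(int(n) for n in re.findall(r"\d+", text))
    if len(nums) < 2:
        raise ValueError(f"not an ASA version string: {text!r}")
    return nums

def assess(version):
    """Return (status, upgrade_target) for one ASA software version."""
    nums = parse_version(version)
    train = f"{nums[0]}.{nums[1]}"
    if train not in FIXED:
        return ("unknown", None)  # train not listed; consult the advisory
    fixed = FIXED[train]
    if fixed == NOT_AFFECTED:
        return ("not affected", None)
    if fixed is None:
        return ("vulnerable", MIGRATE_TO)
    # A shorter tuple sorts first, so 9.1(6) counts as older than 9.1(6.11).
    if nums >= parse_version(fixed):
        return ("patched", None)
    return ("vulnerable", fixed)

if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    inventory = {"fw-edge-01": "9.1(6)10", "fw-edge-02": "9.1(7)",
                 "fw-lab-01": "8.3(2)", "fw-dc-01": "8.4(7)"}
    for host, version in inventory.items():
        status, target = assess(version)
        note = f" -> upgrade to {target} or later" if target else ""
        print(f"{host:12} {version:10} {status}{note}")
```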

More information can be found at the following URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike