Knowledgebase
RSS Feed
Latest Updates
Feb
5
Cisco ASA CVE 2018 010
Posted by Paul Cocker on 05 February 2018 08:07

A recently released vulnerability (CVE-2018-010) in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. 

This vulnerability affects Cisco ASA Software that is running on the following Cisco products:
 

3000 Series Industrial Security Appliance (ISA)

ASA 5500 Series Adaptive Security Appliances

ASA 5500-X Series Next-Generation Firewalls

ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers

ASA 1000V Cloud Firewall

Adaptive Security Virtual Appliance (ASAv)

Firepower 2100 Series Security Appliance

Firepower 4110 Security Appliance

Firepower 9300 ASA Security Module

Firepower Threat Defense Software (FTD)

 
We recommend that all customers using affected devices either ensure they are running a fixed firmware version or, take steps to disable the webvpn (Anyconnect) service.

 If you require assistance protecting your business, please raise a Domicilium Resolve ticket or, contact your account manager to discuss managed firewall services.

Kind regards
Domicilium


Read more »



Feb
12
Serious vulnerability with Cisco ASA firewalls
Posted by Dan Ankers on 12 February 2016 17:17

Cisco have released a Security Advisory for their ASA Firewall Software.  They have discovered a vulnerability that means “an attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.

The full advisory, and a list of the first fixed release of every major version (see “Software Versions and Fixes”), is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike

Please note that upgrades are dependent on there being sufficient memory present on the device.   No support contract is required to receive security upgrades.

If you require any further assistance with this notification, please raise a ticket and an engineer will respond.


Read more »



Jan
28
Notification - 'GHOST' Linux vulnerability
Posted by Andy Shephard on 28 January 2015 16:27

A buffer overflow bug has been discovered in the glibc library found within many distributions of Linux, including CentOS and Debian.  Dubbed ‘GHOST’ (CVE-2015-0235), this vulnerability is exploitable remotely and locally, allowing for arbitrary code execution and therefore unauthorized access.  This is achieved through use of the gethostbyname() function calls used for DNS resolving.

 

Patches have been made available for a number of Linux distribution and it is recommended that you patch as soon as possible.  This can be achieved in the following ways:

For CentOS, Red Hat, Fedora etc:

$ yum clean all && yum update

For Debian, Ubuntu and derivatives:

$ apt-get clean && apt-get update && apt-get upgrade

 

After installing the latest version of the glibc package, you will need to ensure that all packages dependent on glibc are restarted.  These can be identified with the following:

$ lsof | grep libc | awk '{print $1}' | sort | uniq

*The lsof package may need to be installed ($ yum install lsof)

Alternatively, rebooting the entire server will also achieve this.  If you can't reboot the entire system, restart at least all public-facing services like webservers, mailservers, etc.

 

Please also note that other vendor-specific devices and software may be vulnerable, but as yet patches have not been released.

 

If you require any assistance with securing your system, please raise a ticket with Domicilium Operations via Resolve, or speak to your account manager.


Read more »



Oct
11
Notification – Cisco Security Advisory
Posted by Andy Shephard on 11 October 2014 14:54

Cisco have released a Security Advisory for their ASA Firewall Software.  They have discovered a number of vulnerabilities that “are independent of one another; a release that is affected by one of the vulnerabilities may not be affected by the others”.

The full advisory, and a list of the first fixed release of every major version (see “Software Versions and Fixes”), is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa

Please note that upgrades are dependent on there being sufficient memory present on the device, as well as a valid support contract.

If you require any further assistance with this notification, please raise a ticket and an engineer will respond.


Read more »



Sep
20
A new look for Domicilium Resolve!
Posted by Sam Gordon on 20 September 2013 00:57

You may have noticed that Domicilium Resolve is looking a little fresher today! The new look is part of a continued effort to offer our customers a simple and efficient support experience.

Despite the new look, the site will continue to function as it did previously.

If you have any problems or concerns, please do not hesitate to contact us.


Read more »