By the way, I recently upgraded a PIX 515 at work. The folks at Cisco
inform me that the latest software binary image, 5.3.1, is broken. They
suggest upgrading to 5.2.5, which has all of the updates in 5.3.1,
including the elimination of the DoS vulnerability.
It also doesn't hurt to upgrade to fix the duplicate SMTP message
problem with PIX 4.x.
--
Scott
=======================
Scott Raymond
http://soundamerica.com
=======================
> From: "Claudiu Calomfirescu" <[EMAIL PROTECTED]>
> >
> > Description:
> > ------------
> > An attacker from inside or outside interfaces of a
> > PIX Firewall 515 or 520, 5.1.4 version running aaa
> > authentication against a TACACS+ Server could
> > cause the PIX to crash and reload by overwhelming
> > it with authentication requests.
