[c-nsp] Pix FOS

Jason Alert Jason.Alert at vc3.com
Tue Jan 2 18:28:11 EST 2007


Speaking of inspection bugs, there's also a bug (CSCse47150) with
"inspect esmtp" in 7.2(1) that will crash the ASA/PIX if it processes
segmented SMTP/ESMTP packets.  

If you are going to upgrade to 7.2, I would use at least interim
7.2(1.19) to get around this bug.  ASA/PIX software 7.2(1.24) appears to
be the most recent interim release.

-Jason





-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Afsheen Bigdeli
Sent: Tuesday, January 02, 2007 5:40 PM
To: Joseph Jackson
Cc: Voll, Scott; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Pix FOS


...according to the Bug Toolkit, maybe, but I can verify the behavior 
still exists in 7.2(1) - I found out the hard way last week.

More to the point, there are quite a few bugs related to inspection in 
general and inspect http in particular for the 7.x branch at the moment 
- and as it's enabled by default, it's worth thinking twice to see if 
you need it or if it can be turned off.

--afsheenb




More information about the cisco-nsp mailing list