[c-nsp] Pix FOS
Jeff Kell
jeff-kell at utc.edu
Tue Jan 2 18:36:21 EST 2007
Jason Alert wrote:
> Speaking of inspection bugs, there's also a bug (CSCse47150) with
> "inspect esmtp" in 7.2(1) that will crash the ASA/PIX if it processes
> segmented SMTP/ESMTP packets.
>
> If you are going to upgrade to 7.2, I would use at least interim
> 7.2(1.19) to get around this bug. ASA/PIX software 7.2(1.24) appears to
> be the most recent interim release.
"inspect esmtp" is very broken, even in 7.2.2, you'll get connections
"closed by inspection" for no stated reason, even with inspection maps
enabled and every case set to "log only". I have a six-week old case
open with the TAC dating back to the original 7.2 upgrade (no problems
with it in 7.1 other than the arguably legitimate flagging of those
myspace mails with "|" chars in the tagged From: addresses).
Jeff
More information about the cisco-nsp
mailing list