29 Mar
2016
29 Mar
'16
9:03 a.m.
Totally! The ASA 9.1.6 version has the IKE buffer overflow vulnerability CVE-2016-1287.... So we upgraded to 9.1.7 and found out the Cisco patch was borked, so we had to downgrade to 9.1.6. Pretty sloppy from Cisco. Now they're saying to upgrade to 9.1.7(4).... Somewhat apprehensive ;)
Excellent Cisco software quality assurance? :D
Adam.
Sent from BlueMail http://www.bluemail.me/r
On Mar 29, 2016, at 06:26, "Warren Daly (OPUS)" <warren@opus.com.kh mailto:warren@opus.com.kh> wrote:
This is related to an IPSEC post I mailed a few weeks ago. I know this is not an Observium issue. Sorry for posting here, but I'm wondering if anybody else noticed this issue. Cisco ASA 5505 Security Plus license. Same IOS version 9.1.6, 1024Mb RAM. Almost identical configurations. Why would 1 device report cikeTun* values, and the other say 'No Such Object available on this agent at this OID' Both have active IPSEC tunnels that pass traffic. Any thoughts most welcome. Thank you. /usr/bin/snmpwalk -v2c -c *** -Pu -OQUs -m CISCO-IPSEC-FLOW-MONITOR-MIB -M /var/www/observium/mibs/rfc:/var/www/observium/mibs/net-snmp:/var/www/observium/mibs/cisco 'udp':'192.168.1.254':'161' cikeTunnelEntry *cikeTunnelEntry = No Such Object available on this agent at this OID* * * * */usr/bin/snmpwalk -v2c -c *** -Pu -OQUs -m CISCO-IPSEC-FLOW-MONITOR-MIB -M /var/www/observium/mibs/rfc:/var/www/observium/mibs/net-snmp:/var/www/observium/mibs/cisco 'udp':'192.168.20.254':'161' cikeTunnelEntry * *cikeTunLocalType.10067968 = ipAddrPeer cikeTunLocalType.10207232 = ipAddrPeer cikeTunLocalType.10293248 = ipAddrPeer cikeTunLocalValue.10067968 = x.x.x.x cikeTunLocalValue.10207232 = x.x.x.x cikeTunLocalValue.10293248 = x.x.x.x cikeTunLocalAddr.10067968 = "D2 18 81 82 " cikeTunLocalAddr.10207232 = "D2 18 81 82 " cikeTunLocalAddr.10293248 = "D2 18 81 82 " ------------------------------------------------------------------------ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
--
Warren Daly
Chief Technical Officer
+855 (0) 89 288 107 Skype: warrendaly
OPUS
+855 (0) 23 987 014
www.opus.com.kh
Suite 3FN1 - VTrust Office Centre
Parkway Square | Phnom Penh, Cambodia