Thursday, February 15, 2007

Cisco Multiple vulnerabilities in IOS and Pix/ASA

Heads up! Cisco announced flaws in their Cisco IOS IPS and Pix/ASA products.

1. Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and ASA Appliances

  • Enhanced Inspection of Malformed Hypertext Transfer Protocol (HTTP) traffic may cause a Pix/ASA to crash resulting in a denial of service.
  • Inspection of malformed Session Initiation Protocol (SIP) packets may cause a Pix/ASA to crash resulting in a denial of service.
  • Inspection of a stream of malformed Transmission Control Protocol (TCP) packets may cause a Pix/ASA to crash resulting in a denial of service.
  • Privilege escalation of a locally defined user with privilege of zero (0).

2. Cisco Security Advisory: Multiple IOS IPS Vulnerabilities

  • Fragmented IP packets may be used to evade signature inspection.
  • IPS signatures utilizing the regular expression feature of the ATOMIC.TCP signature engine may cause a router to crash resulting in a denial of service.


Fixes and workarounds are available. Check the security advisories for the affected versions and fixes.
