Cisco ASA 5500 Series Adaptive Security Appliances are affected by the following vulnerabilities:
* TCP Connection Exhaustion Denial of Service Vulnerability
* Session Initiation Protocol (SIP) Inspection Denial of Service Vulnerabilities
* Skinny Client Control Protocol (SCCP) Inspection Denial of Service Vulnerability
* WebVPN Datagram Transport Layer Security (DTLS) Denial of Service Vulnerability
* Crafted TCP Segment Denial of Service Vulnerability
* Crafted Internet Key Exchange (IKE) Message Denial of Service Vulnerability
* NT LAN Manager version 1 (NTLMv1) Authentication Bypass Vulnerability
These vulnerabilities are not interdependent; a release that is affected by one vulnerability is not necessarily affected by the others.
There are workarounds for some of the vulnerabilities disclosed in this advisory.
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml