1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cisco v8.0.4.16 ASA Interim Released

Discussion in 'Other Cisco Equipment' started by Toxic, Dec 9, 2008.

  1. Toxic

    Toxic Administrator Staff Member

    Cisco ASA Interim Release Notes

    The software images listed below are Interim releases. They contain bug fixes which address specific issues found since the last Feature or Maintenance release. The images are fully supported by Cisco TAC and will remain on the download site only until the next Maintenance release is available.

    If you do not have a specific problem which is resolved by an Interim release, were commend that you use the Feature or Maintenance release images located at:

    http://www.cisco.com/cgi-bin/tablebuild.pl/asa

    Important: These images were not fully regression tested. Each individual fix was unit tested, and the image has had a limited amount of automated regression testing to confirm a baseline of functionality. Keep this testing status in mind if you decide to run them in a production environment. We strongly encourage you to upgrade to a fully tested Maintenance or Feature release when it becomes available.


    Revision: Version 8.0.4(16) – 12/04/2008
    File: asa804-16-k8.bin
    Defects resolved since 8.0.4(3):

    CSCea86586 PIX ENH - show process output needs to display runtime percentages
    CSCsd37075 PIX/ASA reload in Thread Name PIM IPv4 when multicast routing enabled
    CSCse14893 SUA - Text entry for AAA Challenges are in the clear-should be asterisks
    CSCse93941 Add new syslog for vpn-filters
    CSCsh84836 inspect skinny silently drops non skinny tcp port 2000 traffic w/out log
    CSCsh88405 ASA syslog 216001: internal error in es_PostEvent: invalid descriptor
    CSCsi52304 ENH - displaying the asp drop capture should include asp drop reason
    CSCsj05862 Traceback in Thread Name: radius_snd
    CSCsj40681 ENH: PIX/ASA: Maintain TCP connections when VPN tunnels flap
    CSCsj97400 sysopt connection reclassify-vpn should be default
    CSCsk19485 syslog TCP_CONN_END shows Reset-O for ASA generated TCP RST
    CSCsl02630 WebVPN: Traceback in Thread Name: emweb/https
    CSCsl15229 Increase TCP proxy reassembly limit for all inspection engines
    CSCsl19298 PIX and ASA SCCP Inspection Needs to Support Early RTP
    CSCsl41515 ASA traceback in Dispatch Unit (Old pc 0x00223a67 ebp 0x018b12f8)
    CSCsm12846 ENH: debug crypto condition reset should prompt for confirmation
    CSCsm15079 ASA: 'vpn-idle-timeout none' behavior needs clarification
    CSCsm20204 Extended ping command with no ip specified causes stuck thread
    CSCsm24047 DNS query is sent out before cmd is completed when dns enabled
    CSCsm34349 PIX 7.0.7 SNMP memory counters show wrong value
    CSCsm36960 DAP: Error selecting any DAP records
    CSCsm44527 Console log:"Invalid logcount -1" when active/active failover configured
    CSCsm80791 SVC compression should be disabled by default
    CSCsm81609 ASDM: users go to portal page instead of SVC starting automatically
    CSCsm82935 ASDM:Cant allow user named "a" "al" nor "all" to Local CA User Database
    CSCso00062 AU-UPDATE-FAIL: Image upload with auto-update fails: "Flash open failed"
    CSCso01003 Crypto accelerator errors seen in syslog.
    CSCso01335 ASA allows stray ACK to pass
    CSCso02912 Session MIB to mirror sh vpn-sessiondb summary Active / Session Info
    CSCso20343 Protocol field in the show sessions should not show 'Clientless'
    CSCso38576 Enable Favorite Option for bookmark display does not work as described
    CSCso43608 snmpget of cicoMemoryPoolFree return free memory wrong in user context
    CSCso58711 ASA may re-order http config lines in running-config from startup-config
    CSCso66470 Failure of 4GE module stops failover from working
    CSCso66911 ASA55x0 GE output stuck and underrun errors
    CSCso67060 enh ASA need to have configurable threshold for the memory tracking tool
    CSCso79314 ASA 5505 doesn't connect as Easy VPN Client
    CSCso84215 High CPU by using ASDM with "log asdm info" configured
    CSCso93603 ASA 5510 will not install AOL SSL ID certificate
    CSCso93969 ASA mangling errors with certain webpages
    CSCso95135 Zero-downtime upgrade from 7.2 not possible anymore after 8.0.3.10
    CSCsq04749 CUPC on ASA fails to transmit port 50001 due to reassembly limit of 8192
    CSCsq10022 High CPU when large number of VPN clients with per-user ACLs disconnect
    CSCsq19457 ERROR: entry for address/mask = 0.0.0.0/0.0.0.0 may break webvpn or ASDM
    CSCsq20042 'vpnclient enable' breaks 'aaa mac-exempt match'
    CSCsq24915 ASA traceback in thread name netfs_thread_init
    CSCsq27110 Remove asdm location and group commands from startup config
    CSCsq30162 TCP proxy needs global timeout for reassembled packets
    CSCsq31399 Traceback in Thread Name: vpnfol_thread_msg when doing write standby
    CSCsq34336 ASA: rate-limiting for encrypted s2s traffic not consistently handled
    CSCsq39905 Traceback in IPsec message handler
    CSCsq40777 ASA traceback when AIP module is reloaded
    CSCsq43283 ASA traceback in thread webvpn_session_free
    CSCsq43878 multi mode A/A failover write standby will see crypto CLI error in stby
    CSCsq44918 Traceback in vpnfol_thread_timer (Address not mapped)
    CSCsq48636 High CPU when nameif/security level changed for new interface
    CSCsq55969 "show parser dump all" causes Traceback in ci/console
    CSCsq56045 SSO with Radius challenge/response - OTP is reused for internal sites
    CSCsq62883 SSL VPN: POST plugin does not work with Macro Substitutions
    CSCsq63583 Remove "Server:" directive from WebVPN replies
    CSCsq65437 ASA 8.0 does not correctly calculate TCP MSS for traffic to the box
    CSCsq65580 set nat-t-disable does not override crypto isakmp nat-traversal
    CSCsq67954 ASA rekeys at less traffic volume than expected value
    CSCsq68617 ASA5540 - High CPU during vpn auth if the AAA server is down
    CSCsq69763 ASA VPNLB issues encryption enabled cluster
    CSCsq73010 ASA 7.2.3.19 traceback in Thread Name: IKE Receiver
    CSCsq74923 ASA - no support for auto update when used with webvpn on same int.
    CSCsq75341 Traceback in Thread Name: Unicorn Proxy Thread
    CSCsq77997 SSL VPN: Rewriting errors when caching enabled
    CSCsq80095 PIX/ASA: Console gets frozen if user logs in during failover replication
    CSCsq87533 DHCP Client not receiving DHCP ACK during addr renewal with DHCP relay
    CSCsq89467 Plugins cause java.io.IOException when web ACL is applied
    CSCsq90760 Traceback in ci/console
    CSCsq91277 Unable to remove access-list from interface
    CSCsr00298 Keepalive period for asdm_logging is too long
    CSCsr01628 ASA5505 fails to process any packets until a show tech issued on console
    CSCsr04639 traceback after SSH connection close from ASA5550
    CSCsr05453 ASA/PIX:CPU spike may be noticed when removing objects from object-group
    CSCsr09436 FTP buffer logging queue not cleared when logging is disabled
    CSCsr11242 ASA 8.0 - Standby unit stuck in Sync Config state after write standby
    CSCsr11493 ASDM - read-only users receive "enter network password" popup
    CSCsr17905 Slow memory leak due to crypto key generation
    CSCsr21103 CUPS/CUPC fails through the ASA, msg size < 8K
    CSCsr23204 ARP collision detected: Primary MAC used by both active and standby
    CSCsr23628 ASA ignores webtype ACLs with "?" char in URL
    CSCsr25122 Page fault in IP thread under high traffic load
    CSCsr25353 Scanning threat-detection reports incorrect victim subnets
    CSCsr27940 sqlnet inspection should not handle multiple TNS frames in one packet
    CSCsr28008 PAT src port allocation policy negates effect of host port alloc. policy
    CSCsr29027 Traceback in thread name Checkheaps related to WebVPN
    CSCsr32208 Active firewall fails to replicate any ICMP connections to standby
    CSCsr39311 CM SIP Trunk call failures due to ASA closing connection by inspection
    CSCsr39638 Failover polling may cause High CPU
    CSCsr40360 iPhone 2.0 SW requires that ASA/PIX 7.x+ address mask is 255.255.255.255
    CSCsr41534 ASA may traceback with Thread Name: emweb/https
    CSCsr41612 Traceback in IP Address Assign
    CSCsr41868 Cisco ASA w/ VPN- Array index out of bounds Software Failure
    CSCsr45985 ASA 8.x WEBVPN: Web-Type ACL Filter incorrectly denies traffic
    CSCsr46157 Traceback when 'no nameif' executed under an interface
    CSCsr46385 ASA needs to support host ACE Entries for Multicast RP mapping
    CSCsr46571 Additional WebVPN licenses are being used during every auth challenge
    CSCsr47319 vpn-sessiondb data counters for webvpn sessions incorrect
    CSCsr47881 Out of 80 byte blocks leads to Flow closed by inspection with TLS-Proxy
    CSCsr50655 asa traceback in dispatch unit
    CSCsr53737 AnyConnect sessions dropped when Failover occurs with HostScan
    CSCsr57537 ASA Impossible to send mail with OWA when using CSC and WebVPN
    CSCsr58672 CPU hog in nat module when acls are added
    CSCsr59417 Port Forwarding Fails Intermittently due to DNS
    CSCsr60908 WebVPN CIFS failing with STATUS_NO_LOGON_SERVERS
    CSCsr62405 reload occurs when url-server is unavailable and using udp transport
    CSCsr62923 IPv6: cannot configure multiple IPv6 route with different hop count
    CSCsr63074 DPD not sent when peer is dead & tunnel not idle on s2s with 7.2.4
    CSCsr63082 SSL VPN: link adds two extra slashes cifs:// to \\server\share/filename
    CSCsr64970 ASA big dap.xml file partially replicated in failover
    CSCsr65102 ASA 8.0.3.12 Traceback in Thread: aaa
    CSCsr65235 Samba authentication failure - CIFS implementation is case insensitive
    CSCsr65574 Memory leak in AAA [ eap proxy ]
    CSCsr67861 WebVPN: Can not open custom profile "webfo" (a nil value)
    CSCsr68315 second close to netfs thread causing traceback
    CSCsr68455 CPU spike when deleteing IKE SA with VPN-Filters
    CSCsr69635 System hangs while loading image from compact flash if bad sector error
    CSCsr71069 ASA - OSPF over IPSEC over PPPoe connection not working correctly
    CSCsr71463 ASDM not receiving historical data from platform thru asdm_handler
    CSCsr73107 Pix traceback fover_parse page fault in route processing
    CSCsr74265 ASA crypto HW error when trying to fragment small IP packet
    CSCsr74439 PIX/ASA: Certain malformed NAT-T packets may cause IKE process to hang
    CSCsr75077 Fallback case fails when OCSP revocation check configured
    CSCsr81712 Memory leak with inspection IM enabled
    CSCsr84998 SSL VPN: CSD tokens not cleaned up correctly
    CSCsr86581 Certification validation error should be enhanced w/ issuer info
    CSCsr89122 Inactive keyword on ACL should not be allowed on NAT ACL at all.
    CSCsr91721 FOVER: Error trying to delete acl when used as a network-acl in DAP
    CSCsr93942 VPN: IP Address assignment not logged when address in-use conflict
    CSCsr98211 Smart tunnel connections remain active indefinitely after user's session
    CSCsu00218 ASA 8.0(4) WEBVPN: Web-Type ACL incorrectly denies traffic with DAP
    CSCsu00534 assert failure causes checkheaps to detect memory corrpution with AAA
    CSCsu00947 Webvpn: RDP plugin: Ignore geometry if FullScreen parameter is present.
    CSCsu02317 ASA strips domain in RADIUS accounting packet
    CSCsu02718 snmp get-next-request incorrect value IP-MIB::ipAdEntAddr from standby
    CSCsu03240 snmpgetnext not responding properly for cfwBufferStatValue OID
    CSCsu04547 Radius Challenge Message include <tag> make anyconnect fail
    CSCsu06543 Proxy auth when in RSA Next-Token-Mode fails 50% of the redirection
    CSCsu08061 ASA:RRI:Routes incorrectly deleted when split-tunneling enabled
    CSCsu11361 phone proxy: deleted phone continues to use license for some time
    CSCsu21846 smart tunnel fail behind proxy server
    CSCsu23121 Cannot access CIFS shares based on "name" commands
    CSCsu26592 ASA 7.2: FO replication not working for dACL with wildcard netmask
    CSCsu26649 Large packets dropped with ip-comp enable configured
    CSCsu27564 File browsing fails when using client certificate
    CSCsu37362 http inspection shouldn't reset for protocol-violation if not configured
    CSCsu37451 "Interface number is -1" and no incoming traffic for a vlan interface
    CSCsu38292 interface Virtual254 appears in show interface output
    CSCsu38385 Debug webvpn javascript trace user not disabled by undebug all
    CSCsu39077 Translation table webvpn.po has no entry password and verify password.
    CSCsu40015 management-only cmd not synced. when m0/0 configured for failover
    CSCsu41147 PIX/ASA default ipsec sa lifetime in config for each crypto map seq #
    CSCsu41224 Traceback in Thread Name: CMGR Server Process
    CSCsu43121 Traceback: Long IKE attributes can cause buffer overrun
    CSCsu44598 SQLNet inspection closes flow
    CSCsu46588 Heuristic based scanners report smart tunnel as malware
    CSCsu47981 Failover of VPN connections not working with FIPS enabled
    CSCsu50074 Traceback in Thread Name: IPsec message handler
    CSCsu52268 SSH won't work to interface with ip address assigned via DHCP
    CSCsu58733 L2TP IPSec ASA send ESP packet with using old SA pair
    CSCsu59140 Access-lists that use "interface" may not work if i/f changes
    CSCsu62782 VPN traffic gets dropped after rekey w/ multiple cry seq# for same peer
    CSCsu63101 ASA pushes reversed mask and gw if dhcp-network-scope is in the GP
    CSCsu63272 reload after issuing show crypto ipsec sa, related to anti-replay
    CSCsu65118 ASA: Traceback in Thread Name: ssh
    CSCsu65735 ASA may allow authentication of an invalid username
    CSCsu66300 WebVPN CIFS bookmarks causes memory leak requiring a reboot
    CSCsu67417 Radius accounting request fails on ASA if we have many radius attributes
    CSCsu68795 Redundant interface goes down after ASA resets
    CSCsu69083 Incorrect Entry Installed in ASP Table for inbound TFTP by Phone Proxy
    CSCsu69765 ASA nat command with VPN LB is lost after reload
    CSCsu70543 ASA: LDAP doesn't do searchRequest for user if there is an "\" in cert
    CSCsu71696 Traceback in netfs_thread_init: Page fault: Address not mapped
    CSCsu72509 SSH fails after multiple failovers
    CSCsu72519 TD shuns UDP senders on standby ASA due to null-udp-session timeout
    CSCsu73112 Traceback on standby ASA 5580 running 8.1.1.9
    CSCsu73337 WebVPN: POST Plugin fails if no URL list defined
    CSCsu75735 ASA 8.0.4 smart tunnel with auto-sign on sends wrong password to weburl.
    CSCsu77167 WebVPN: Group-URL fails with non default webvpn port
    CSCsu77535 'error contacting host' accessing CIFS shares, occurs after 24 days
    CSCsu79355 ASA: Isakmp SA not built out backup interface when route changes
    CSCsu84438 WEBVPN CIFS: Must have at least dir list access when mounting subfolders
    CSCsu85188 ASA 7.2.4.15 traceback at Thread Name: IKE Daemon
    CSCsu88174 Traceback in failover synchronization
    CSCsu88302 When global PAT pools exhausted FTP data connections might fail
    CSCsu88534 Filtering applied to all dest. ports upon creation of a new intf
    CSCsu89235 removing nameif does not remove management-access
    CSCsu90653 ASA: Disabling Isakmp User Auth Causes Webvpn Authentication to Fail
    CSCsu93506 Traceback in Thread Name: Dispatch Unit
    CSCsu95114 ASA DHCP Relay Sourcing DHCP unicast msgs on udp 68 instead of udp 67
    CSCsu97211 Traceback after configuring GTP inspection in second class
    CSCsu97665 L2TP: Mac Group Name option is failing: SA Proposals Unacceptable
    CSCsu97803 PPP/L2TP debugs are not seen from ssh/telnet session
    CSCsu97825 L2TP/IPSec with vpn-filters in group-policy misbehave
    CSCsu99482 ASA differs from concentrator group and user dACL merge behavior
    CSCsv01270 PIX memory stats through SNMP are incorrect
    CSCsv02380 CSD's data.xml corrupted after upgrade
    CSCsv03262 Unavailable tacacs doesn't trigger fallback to LOCAL authentication
    CSCsv05499 SSL VPN: MANGLE_FILE generates console messages
    CSCsv07104 clientless webvpn /smart tunnels usage triggers 256 byte block leak
    CSCsv10354 ASA doesn't send client hostname to DHCP server for L2TP/IPSec clients
    CSCsv10655 Traceback when Updating L2TP Username
    CSCsv11062 Redistribute Command Does Not Check the Route-Map for Existence
    CSCsv11650 mroute parsed incorrectly at startup when names used
    CSCsv13115 PIX/ASA - "sh memory" gives inaccurate memory info
    CSCsv16410 Incorrect routing for EIGRP with redundant interfaces
    CSCsv18647 Enforce reload to reboot in case of mis-behavior of monitor or asa proc
    CSCsv19091 fragmented mcast forwarding broken when NAT is involved
    CSCsv27829 ASA 5580 stops forwarding traffic while checking CRL
    CSCsv28869 HTTP server should send Last-Modified header field for .jnlp files
    CSCsv32284 smart-tunnel command corrupting config when removed from DfltGrpPolicy
    CSCsv42185 Suspected double free resulting in 5580 traceback
    CSCsv42964 TD scanning-threat does not pick up the correct rate threshold in syslog
    CSCsv43219 Traceback in Ike Daemon Thread
    CSCsv43401 cifs browsing fails when accessing any folders under Japanese folder
    CSCsv43552 Radius accounting request fails on ASA if we have many radius attributes
    CSCsv44072 Traceback in Thread Name: IP Address Assign
    CSCsv49752 WebVPN: Implement ActivexOnly param to RDP plugin
    CSCsv59046 Traceback in Unicorn Proxy Thread, abort: watchdog failure
    CSCsv59883 ASA5510 Traceback when VPN timeout set to maximum
    CSCsv63354 ASA 8.0.4.x - IPsec tunnel encaps get frozen after 500Mb of traffic
    CSCsv65244 SSL VPN:Incorrect mangling of URLs starting with \\, like \\test-winc
    CSCsv65950 rri route disappearing after phase 2 rekey for dynamic l2l tunnel
    CSCsv65986 Need to educate users about smart tunnel workings
    CSCsv67105 Telnet/SSH plugin: garbled Japanese help file
    CSCsv77900 ASA/PIX may reload with traceback in thread: Dispatch Unit (IPSEC CTCP)
    CSCsv80536 ASA/PIX displays inconsistent value for 'Configuration last modified'
    CSCsv87869 Assert due to access of stale data during cert authentication.
    CSCsv94394 Group-policy selected for the user is not passed to DAP properly
    CSCsv97892 Traceback with Thread Name: IKE Daemon
     

Share This Page