For those of you playing along at home who also have to have an ASA running 8.0 or 8.1 code, pay attention. The rest of you, go about your business. Move along, nothing to see here...
Cisco recently announced that a flaw exists in ASA 8.0 and 8.1 code that can force the device to reload itself if a specially-formed HTTP packet passes through it if SSL VPN is being used. There are a couple of other conditions, but from what I've read they're all pretty non-standard configurations.
The moral of the story - keep your code up to date.
There's also a paper being released at Black Hat Europe next week that will supposedly reveal a fundamental flaw in BGP and MPLS of a comparable seriousness to Kaminsky's DNS exploit of several months ago. So all those of you who run BGP (yeah yeah I know, no one who runs BGP is going to be reading the blog of little old me), heads up.
