This vulnerability affects all releases of Cisco PIX Firewall Manager
up to, and including, release 4.2(1). 4.2(2) beta releases are also affected.
Fixed versions are available for both 4.1-based and 4.2-based versions of PFM.
The fixed version for 4.1 is 4.1( 6b). To use PFM version 4.1(6b), you
must install software version 4.1(6) on the PIX Firewall itself.
The fixed version for 4.2 is 4.2(2), which will be released along with
4.2(2) software for the PIX Firewall itself. 4.2(1) PIX Firewall software is
under line stop because of software quality issues, and is not recommended for
use or installation. Therefore, there will be no PFM fix for 4.2(1) PIX
Firewall software. Customers who are using 4.2(1) are advised to downgrade to
version 4.1(6) on their PIX Firewalls, and to install PFM 4.1(6b). If this is
not possible, customers should use the workarounds listed below.
All releases subsequent to these repaired releases will also include
the fix. There will be no future vulnerable PFM releases.