CiscoがPIXとASAに対してDoSを受ける脆弱性が存在するということでセキュリティアドバイザリーを出しているそうです。

• http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml

Cisco Security Advisory cisco-sa-20081022-asa was released to address multiple vulnerabilities in Cisco ASA and PIX. These vulnerabilities may allow an attacker to bypass authentication mechanisms or cause a denial-of-service condition.

http://www.us-cert.gov/current/index.html#cisco_releases_advisory_for_cisco1

NTドメイン認証周りみたいです。

Windows NT Domain Authentication Bypass Vulnerability

Because of a Microsoft Windows NT Domain authentication issue the Cisco ASA and Cisco PIX devices may be susceptible to a VPN authentication bypass vulnerability. Cisco ASA or Cisco PIX security appliances that are configured for IPSec or SSL-based remote access VPN using Microsoft Windows NT Domain authentication may be vulnerable. Devices that are using any other type of external authentication (that is, LDAP, RADIUS, TACACS+, SDI, or local database) are not affected by this vulnerability.

http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml