nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Cisco IOS Vulnerability

From: "Darrell Kristof" <darrell.kristof () wholefoods com>
Date: Thu, 17 Jul 2003 01:05:46 -0500

If Cisco made THIS big a deal of this to not release info to the public,
I wouldn't wait.  There must be a reason.  I had to push and push to get
any info and I think they finally gave up because too many people knew.
If you notice 

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

For Public Release 2003 July 17 at 0:00 UTC (GMT)

But at the bottom is says:
Distribution 
This notice will be posted on the Cisco worldwide website at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml at
21:00 GMT on July 17th, 2003. 

Hmmm... I think that means 4PM CT TOMORROW!  From what I understand they
didn't want this to be public until tomorrow afternoon.

- D

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
Mikael Abrahamsson
Sent: Thursday, July 17, 2003 12:48 AM
To: nanog () merit edu
Subject: RE: Cisco IOS Vulnerability



On Wed, 16 Jul 2003, Darrell Kristof wrote:



Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet 
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml


IS anyone seeing this exploited in the wild? It'd be good to know if we 
need to do panic upgrade or can schedule it for our next maintenance 
window (which is during the weekend).

-- 
Mikael Abrahamsson    email: swmike () swm pp se
Previous By Date Next
Previous By Thread Next

Current thread: