nanog mailing list archives

Re: Cisco IOS Vulnerability

From: "Petri Helenius" <pete () he iki fi>
Date: Thu, 17 Jul 2003 12:00:59 +0300


It should be:

http://www.cisco.com/tacpage/sw-center/sw-ios.shtml

The Advisory is being updated. It might even be out there.

Do you know if they are going to update the advisory with more detail?

At least I´m able to generate packets which get stuck in the input
queue on the vulnerable releases but get properly discarded when
sent to a box running a "Rebuild" release downloaded from CCO today.

Design of the packet does not go past your average firewall configuration,
not sure if there is one which would. So most people should be safe
and the workarounds in the advisory do fend this one off also.

Pete

Current thread:

Re: Cisco IOS Vulnerability, (continued)
- - - Re: Cisco IOS Vulnerability Joe Abley (Jul 17)
    - Re: Cisco IOS Vulnerability micah mcnelly (Jul 17)
    - Re: Cisco IOS Vulnerability Michael Painter (Jul 17)
    - Re: Cisco IOS Vulnerability Daniel Karrenberg (Jul 18)
    - Re: Cisco IOS Vulnerability joshua sahala (Jul 18)
    - Re: Cisco IOS Vulnerability Petri Helenius (Jul 18)
    - RE: Cisco IOS Vulnerability Darrell Kristof (Jul 16)
    - Re: Cisco IOS Vulnerability Valdis . Kletnieks (Jul 17)
    - Re: Cisco IOS Vulnerability Brian Wallingford (Jul 17)
    - RE: Cisco IOS Vulnerability Barry Raveendran Greene (Jul 17)
    - Re: Cisco IOS Vulnerability Petri Helenius (Jul 17)
    - RADb ? mike harrison (Jul 22)
    - Re: RADb ? Kevin Oberman (Jul 22)
    - Re: Cisco IOS Vulnerability Valdis . Kletnieks (Jul 17)
    - Re: Cisco IOS Vulnerability Jack Bates (Jul 17)
    - RE: Cisco IOS Vulnerability Jay Hennigan (Jul 17)
- Re: Cisco IOS Vulnerability George William Herbert (Jul 17)
  - Re: Cisco IOS Vulnerability now in the news Henry Linneweh (Jul 17)
    - Re: Cisco IOS Vulnerability now in the news JC Dill (Jul 17)