nanog mailing list archives

Re: Working vulnerability? (Cisco exploit)

From: "David A. Ulevitch" <davidu () everydns net>
Date: Fri, 18 Jul 2003 08:33:55 -0500 (CDT)



<quote who="Ken Yeo">


Is this true:

http://www.eweek.com/article2/0,3959,1196496,00.asp

**there is a working exploit for this vulnerability but that it has not
been
released yet.**


No, it is not true.  The exploit *has* been released:

http://www.netsys.com/cgi-bin/displaynews?a=611

http://lists.netsys.com/pipermail/full-disclosure/2003-July/011421.html
http://lists.netsys.com/pipermail/full-disclosure/2003-July/011420.html

-davidu

----------------------------------------------------
   David A. Ulevitch -- http://david.ulevitch.com
  http://everydns.net -+- http://communitycolo.net
Campus Box 6957 + Washington University in St. Louis
----------------------------------------------------

Current thread:

Protecting inbound interfaces (re: Cisco exploit) Rick Ernst (Jul 18)
- Re: Protecting inbound interfaces (re: Cisco exploit) Wayne (Jul 18)
- Re: Protecting inbound interfaces (re: Cisco exploit) Basil Kruglov (Jul 18)
- Working vulnerability? (Cisco exploit) Ken Yeo (Jul 18)
  - Re: Working vulnerability? (Cisco exploit) Mike Tancsa (Jul 18)
  - Re: Working vulnerability? (Cisco exploit) David A. Ulevitch (Jul 18)