nanog mailing list archives
Re: Networking Pearl Harbor in the Making
From: Eric Gauthier <eric () roxanne org>
Date: Mon, 7 Nov 2005 11:21:20 -0500
Robert,
> All of our network is now patched for the latest Cisco advisory. We were already running fixed code on a few routers when the advisory came out so we knew the code was stable and moved to it on all other boxes.
I'm not exactly "in the know" on this one, but the heap-overflow advisory that we've seen indicates that the IOS updates Cisco put out are not patches for this problem:

"Cisco has devised counter-measures by implementing extra checks to enforce the proper integrity of system timers. This extra validation should reduce the possibility of heap-based overflow attack vectors achieving remote code execution."
from http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml

We've asked Cisco for a better explanation - namely, are their recommended updates "patches" to the problem (i.e. repairs) or simply mitigating updates that make it harder to exploit. The wording of their advisory seems to indicate the latter. This latter case is what worries me since it implies that there is a fundamental problem in IOS, the problem still exists even after patching, and that Cisco can't readily repair it. Unfortunately, so far we've gotten the run-around and haven't been able to get a better answer, again leading me to believe the worst.

Eric :)