North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Cisco IOS Vulnerability

  • From: Sean Donelan
  • Date: Thu Jul 17 02:04:13 2003

On Thu, 17 Jul 2003, Mikael Abrahamsson wrote:
> On Wed, 16 Jul 2003, Darrell Kristof wrote:
> > Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet
> >
> IS anyone seeing this exploited in the wild? It'd be good to know if we
> need to do panic upgrade or can schedule it for our next maintenance
> window (which is during the weekend).

According to the cisco advisory, there are no reports of public knowledge
of the exploit nor has anyone been detected using the exploit.

Since Cisco is keeping the packet information confidential, you can't
program an IDS to detect it (i.e. no signature is available).  But if your
router does hang up, the cisco advisory includes information about
checking if you've been hit by this bug; versus the numerous other bugs

Cisco stated if they receive any reports of the exploit in the wild,
they will re-issue the advisory with the updated information.