North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cisco IOS Vulnerability

  • From: Petri Helenius
  • Date: Thu Jul 17 05:05:59 2003

>
> It should be:
>
> http://www.cisco.com/tacpage/sw-center/sw-ios.shtml
>
> The Advisory is being updated. It might even be out there.
>
Do you know if they are going to update the advisory with more detail?

At least Im able to generate packets which get stuck in the input
queue on the vulnerable releases but get properly discarded when
sent to a box running a "Rebuild" release downloaded from CCO today.

Design of the packet does not go past your average firewall configuration,
not sure if there is one which would. So most people should be safe
and the workarounds in the advisory do fend this one off also.

Pete