North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cisco cover up

  • From: Stephen Sprunk
  • Date: Thu Jul 28 15:47:43 2005 
Thus spake "Mikael Abrahamsson" <[email protected]>

On Thu, 28 Jul 2005, Mark Owen wrote:
Cisco had the exploit fixed in April and no longer offers the exploitable OS for download on their site.
And the list of vulnerable IOS versions is where....?

I don't care exactly what the exploit is but I want to know the risks involved and what versions are vulnerable. Any workarounds available
would be nice as well, the fewer routers potentially needing immediate
upgrade to fixed IOS the better.
The short answer is, if an image is still on CCO, it's not vulnerable. That applies to both this problem and any other security problems Cisco has patched but not published notices for yet.

S

Stephen Sprunk "Those people who think they know everything
CCIE #3723 are a great annoyance to those of us who do."
K5SSS --Isaac Asimov