North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: PoC Exploit Now Available for Cisco NHRP Vulnerability

  • From: Gadi Evron
  • Date: Thu Aug 09 14:22:41 2007


On Thu, 9 Aug 2007, Paul Ferguson wrote:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

If you're using NHRP and haven't patched, it might be a good
idea to do so real soon now.

A proof of concept exploit is now avialable which can crash a router
configured with NHRP authentication enabled:

http://www.milw0rm.com/exploits/4272

Cisco security advisory from yesterday:


http://www.cisco.com/en/US/products/products_security_advisory09186a0080899 63b.shtml

FYI,

I guess we won't know if some of these are remote code execution until we have another Michael Lynn.


Gadi.