[59639] in North American Network Operators' Group
Re: New Cisco Vulnerability
daemon@ATHENA.MIT.EDU (Petri Helenius)
Wed Jul 16 15:51:41 2003
From: "Petri Helenius" <pete@he.iki.fi>
To: "Vincent J. Bono" <vbono@vinny.org>, <nanog@merit.edu>
Date: Wed, 16 Jul 2003 22:50:39 +0300
Errors-To: owner-nanog-outgoing@merit.edu
This is a multi-part message in MIME format.
------=_NextPart_000_0681_01C34BEC.ADF426D0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
It supposedly requires 75 packets which is the default amount of slots
in the "process switched" input queue on an interface. There have been
packets stuck in the input queue in previous occasions but I suspect
this is readily exploitable remotely.
Pete
----- Original Message -----=20
From: Vincent J. Bono=20
To: nanog@merit.edu=20
Sent: Wednesday, July 16, 2003 10:17 PM
Subject: New Cisco Vulnerability
Hello All,
There seem to be rumors going around that there is a new major Cisco =
vulnerability but only the major backbones are being given fixes right =
now.
Something about packets malformed in a certain manner cause the router =
to wedge.
Can anyne shed any light on or off list?
-vb
------=_NextPart_000_0681_01C34BEC.ADF426D0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1170" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>It supposedly requires 75 packets which =
is the=20
default amount of slots</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>in the "process switched" input queue =
on an=20
interface. There have been</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>packets stuck in the input queue in =
previous=20
occasions but I suspect</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>this is readily exploitable =
remotely.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Pete</FONT></DIV>
<DIV> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3Dvbono@vinny.org href=3D"mailto:vbono@vinny.org">Vincent J. =
Bono</A>=20
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A title=3Dnanog@merit.edu=20
href=3D"mailto:nanog@merit.edu">nanog@merit.edu</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Wednesday, July 16, 2003 =
10:17=20
PM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> New Cisco =
Vulnerability</DIV>
<DIV><BR></DIV>
<DIV><FONT face=3DArial size=3D2>Hello All,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>There seem to be rumors going around =
that there=20
is a new major Cisco vulnerability but only the major backbones are =
being=20
given fixes right now.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Something about packets malformed in =
a certain=20
manner cause the router to wedge.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Can anyne shed any light on or off=20
list?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>-vb</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2></FONT> </DIV></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_0681_01C34BEC.ADF426D0--
