[59679] in North American Network Operators' Group
Re: Cisco IOS Vulnerability
daemon@ATHENA.MIT.EDU (Petri Helenius)
Thu Jul 17 05:04:08 2003
From: "Petri Helenius" <pete@he.iki.fi>
To: <bgreene@cisco.com>, "'Brian Wallingford'" <brian@meganet.net>,
<Valdis.Kletnieks@vt.edu>
Cc: "'Darrell Kristof'" <darrell.kristof@wholefoods.com>,
<nanog@merit.edu>
Date: Thu, 17 Jul 2003 12:00:59 +0300
Errors-To: owner-nanog-outgoing@merit.edu
>
> It should be:
>
> http://www.cisco.com/tacpage/sw-center/sw-ios.shtml
>
> The Advisory is being updated. It might even be out there.
>
Do you know if they are going to update the advisory with more detail?
At least I´m able to generate packets which get stuck in the input
queue on the vulnerable releases but get properly discarded when
sent to a box running a "Rebuild" release downloaded from CCO today.
Design of the packet does not go past your average firewall configuration,
not sure if there is one which would. So most people should be safe
and the workarounds in the advisory do fend this one off also.
Pete
