[59711] in North American Network Operators' Group
Re: Cisco IOS Vulnerability
daemon@ATHENA.MIT.EDU (Petri Helenius)
Fri Jul 18 03:51:39 2003
From: "Petri Helenius" <pete@he.iki.fi>
To: "joshua sahala" <joshua.ej.smith@usa.net>,
"Daniel Karrenberg" <daniel.karrenberg@ripe.net>,
"Andy Dills" <andy@xecu.net>
Cc: "Jack Bates" <jbates@brightok.net>,
"Sean Donelan" <sean@donelan.com>,
"Mikael Abrahamsson" <swmike@swm.pp.se>, <nanog@merit.edu>
Date: Fri, 18 Jul 2003 10:50:53 +0300
Errors-To: owner-nanog-outgoing@merit.edu
>
> cisco posted what the four 'bad' protocol types were in rev 1.3 of the
> online doc - now it is just an academic exercise to get them crafted
> correctly........no imagination necessary, only a router, a cco
> login, and a traffic generator needed
>
With rev 1.0 it took me two hours. IP protocol space is only eight
bits anyway. 1.3 gives exploit options for less networking oriented
people too.
Pete
