[59772] in North American Network Operators' Group
RE: Cisco vulnerability on smaller catalyst switches
daemon@ATHENA.MIT.EDU (Steve Rude)
Fri Jul 18 20:08:55 2003
Date: Fri, 18 Jul 2003 17:07:58 -0700
From: "Steve Rude" <steve@skyriver.net>
To: "Chris Griffin" <cgriffin@ufl.edu>, <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
> As part of our vulnerability tests, we have been unable to confirm that
> the smaller catalyst switches running IOS but without L3 capability are
> vulnerable. They don't seem to react in a negative way to the same
> attacks that lock up the other devices we have tested. Has anyone else
> been able to verify this one way or the other?
I tested Catalyst 2924-XL-EN with 12.0(5)WC5a and I found that without
L3 capability it does not seem to be affected. But with L3
connectivity, if you direct the attack at the VLAN1 interface it is
definitely susceptible.
I've tested 12.0(5)WC8 and it has the fix.
--steve