[59778] in North American Network Operators' Group
Re: Cisco vulnerability on smaller catalyst switches
daemon@ATHENA.MIT.EDU (Petri Helenius)
Sat Jul 19 01:56:57 2003
From: "Petri Helenius" <pete@he.iki.fi>
To: "Chris Griffin" <cgriffin@ufl.edu>, <nanog@merit.edu>
Date: Sat, 19 Jul 2003 08:56:13 +0300
Errors-To: owner-nanog-outgoing@merit.edu
My testing with the exploit I initially created has no effect on L2 only
catalysts, like 2924XL or so. I havenīt been able to figure out the
right sequence if any to accomplish that. No effect even on the management
interface.
Pete
>
> As part of our vulnerability tests, we have been unable to confirm that the
> smaller catalyst switches running IOS but without L3 capability are
> vulnerable. They don't seem to react in a negative way to the same attacks
> that lock up the other devices we have tested. Has anyone else been able to
> verify this one way or the other?
>
> --
> Chris Griffin cgriffin@ufl.edu
> Network Engineer - CCNP Phone: (352) 392-2061
> OIT - Network Services Fax: (352) 392-9440
> University of Florida Gainesville, FL 32611
>
>
