[59893] in North American Network Operators' Group
Cisco Vulnerability (updated?)
daemon@ATHENA.MIT.EDU (Jason Frisvold)
Wed Jul 23 16:34:06 2003
From: Jason Frisvold <friz@corp.ptd.net>
To: nanog@merit.edu
Date: 23 Jul 2003 16:32:42 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--=-XzwSQ0JFQqjX2w1+IOJ5
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
Apparently protocol 103 does not need to have a ttl of 0 or 1 when it
hits the interface in order to cause the DoS ... Cisco has updated
their advisory to reflect this (Version 1.9 now)..
Just wanted to alert everyone...
This makes the thought of some sort of virus causing this even more
realistic.. no need to check ttl's, just fire away with protocol
103... Yikes...
--=20
---------------------------
Jason H. Frisvold
Backbone Engineering Supervisor
Penteledata Engineering
friz@corp.ptd.net
RedHat Engineer - RHCE # 807302349405893
Cisco Certified - CCNA # CSCO10151622
MySQL Core Certified - ID# 205982910
---------------------------
"Imagination is more important than knowledge.
Knowledge is limited. Imagination encircles
the world."
-- Albert Einstein [1879-1955]
--=-XzwSQ0JFQqjX2w1+IOJ5
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQA/HvDpRsoFMdDaiQgRAtK5AJ9TgfQUCnhpn8dy4IdkZ5uhcbBmeQCcD5BM
cSQwSCZhXb2OenkS/nITYfg=
=C48M
-----END PGP SIGNATURE-----
--=-XzwSQ0JFQqjX2w1+IOJ5--
