[71152] in North American Network Operators' Group


Re: TCP-ACK vulnerability (was RE: SSH on the router)

daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Thu Jun 10 01:18:21 2004

Date: Thu, 10 Jun 2004 05:17:28 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <Pine.GSO.4.58.0406091513220.19694@clifden.donelan.com>
To: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu



On Wed, 9 Jun 2004, Sean Donelan wrote:

>
> http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml
>
> IP Permit Lists will not provide any mitigation against this vulnerability.
>
> The race is on, who will find your switches first?
>

makes one wonder about all that virus-foo running around splashing packets
at 0/0:80... I wonder if any of that might have triggered these reloads
over the last, how long? Since catos was born? :(

a good thing, I think, cisco is finding and releasing these
problems/bugs/'features' in their platforms and thus working through
quality control issues. it's nice, other vendors should do the same for
things that get connected to the public network.

-Chris
