[82821] in North American Network Operators' Group
Re: Cisco IOS Exploit Cover Up
daemon@ATHENA.MIT.EDU (John Forrister)
Fri Jul 29 13:35:59 2005
Date: Fri, 29 Jul 2005 10:35:19 -0700
From: John Forrister <john@segfault.com>
To: "Christopher L. Morrow" <christopher.morrow@mci.com>
Cc: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.58.0507290101290.3650@parapet.argfrp.us.uu.net>
Errors-To: owner-nanog@merit.edu
On Fri, Jul 29, 2005 at 01:01:42AM +0000, Christopher L. Morrow wrote:
>
> > could they be unpatched because no one has sent out a notice saying
> > "versions before X have known vulnerabilities. upgrade now to one
> > of the following: ...?"
> or... cause new IOS won't run on them.
Indeed - Cisco's hardware, especially the older, smaller boxes, tended
to be really solid once you got them running. I was just pondering a
few minutes ago on how many 2500's I configured & installed in 1996 & 1997
are still running today, on code that's no longer supported by
Cisco, and which are incapable of taking enough flash to load a newer image.
-John
