[87924] in North American Network Operators' Group
Re: Worm?
daemon@ATHENA.MIT.EDU (Rubens Kuhl Jr.)
Sat Jan 14 11:56:12 2006
Date: Sat, 14 Jan 2006 14:55:39 -0200
From: "Rubens Kuhl Jr." <rubensk@gmail.com>
To: "Byrne, David" <David.Byrne@echostar.com>
Cc: nanog@merit.edu
In-Reply-To: <1BAAFB74C5643343B75CF51A121690FB016683C8@MER2-EXCHA1.echostar.com>
Errors-To: owner-nanog@merit.edu
See story below from isc.sans.org (now on cover page, article on
http://isc.sans.org/diary.php?storyid=3D1042)
Rubens
-----------------------------------------------
TippingPoint IPS DoS (High CPU load) (NEW)
Published: 2006-01-14,
Last Updated: 2006-01-14 05:57:28 UTC by Swa Frantzen (Version:
3(click to highlight changes))
We are getting multiple reports of a DoS attack (causing high CPU load
that prevents normal use) against TippingPoint IPS devices.
We got a call from TippingPoint, stating that in their opinion this is
not a "DoS", but a "high load" issue.
For more details we'd like to urge customers to contact TippingPoint
directly. They are working on a patch and advisory which should be
available shortly.
Edit: We've received a report that TippingPoint has now released a
patch for this issue. The patch version is TOS 2.1.4.6324.
--
Swa Frantzen
On 1/13/06, Byrne, David <David.Byrne@echostar.com> wrote:
>
>
> Anyone know about a new worm going around? Our IPS vendor says that they
> have a number of customers affected by traffic volume, but I don't know a=
ny
> details.
>
> Thanks,
>
> David Byrne
>
> Corporate IT Security
>
> EchoStar Satellite L.L.C.
>
> 720-514-5675
>
> david.byrne@echostar.com
>
>
