[98468] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: PoC Exploit Now Available for Cisco NHRP Vulnerability

daemon@ATHENA.MIT.EDU (Gadi Evron)
Thu Aug 9 14:19:18 2007

Date: Thu, 9 Aug 2007 13:18:22 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: Paul Ferguson <fergdawg@netzero.net>
cc: nanog@nanog.org
In-Reply-To: <20070809.103554.7159.0@webmail03.lax.untd.com>
Errors-To: owner-nanog@merit.edu


On Thu, 9 Aug 2007, Paul Ferguson wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> If you're using NHRP and haven't patched, it might be a good
> idea to do so real soon now.
>
> A proof of concept exploit is now avialable which can crash a router
> configured with NHRP authentication enabled:
>
> http://www.milw0rm.com/exploits/4272
>
> Cisco security advisory from yesterday:
>
>
> http://www.cisco.com/en/US/products/products_security_advisory09186a0080899
> 63b.shtml
>
> FYI,

I guess we won't know if some of these are remote code execution until we 
have another Michael Lynn.

 	Gadi.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[98468] in North American Network Operators' Group

Re: PoC Exploit Now Available for Cisco NHRP Vulnerability

daemon@ATHENA.MIT.EDU (Gadi Evron)Thu Aug 9 14:19:18 2007

daemon@ATHENA.MIT.EDU (Gadi Evron)
Thu Aug 9 14:19:18 2007