[11859] in bugtraq
Re: CISCO and nestea.
daemon@ATHENA.MIT.EDU (Jim Duncan)
Sun Sep 12 21:23:59 1999
Message-Id: <199909120620.CAA06803@rtp-cse-422.cisco.com>
Date: Sun, 12 Sep 1999 02:20:34 -0400
Reply-To: Cisco Product Security Incident Response Team <psirt@cisco.com>
From: Jim Duncan <jnduncan@CISCO.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM, Vit Andrusevich
<vandruse@virtualis.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <006901befab1$e6a6d080$04c29ec2@glitch.beltelecom.by>,
<Pine.BSF.3.96.990911171917.29978C-100000@sentry.east.ru>
Vit Andrusevich <vandruse@virtualis.com> writes:
> Hello.
>
> Sorry if it was known before..
>
> My CISCO 2600 with NAT IOS 12.0 crashes when I try to run nestea DoS attack
> against one of my servers.
>
> The victim of nestea attack was one of my NT servers which was "under NAT".
Basil V. Dolmatov <dol@EAST.RU> writes:
> 12.0(what?)
>
> It was a bug in IOS several months ago, which was fixed already.
>
> Upgrade your IOS.
Basil is correct. Thanks.
Vit, just to make sure that is the correct answer, could you please send
us the output from a "show tech" command? Thanks. There's always a
chance you may have uncovered a new problem.
As always, the best place to send questions and reports about possible
vulnerabilities in any Cisco product is to the Cisco Product Security
Incident Response Team, <psirt@cisco.com>. You can read about us at
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>.
Check with us first to avoid wasting bandwidth by posting unnecessary or
inaccurate messages to critical mailing lists like BUGTRAQ. We provide
24x7 response to reports of vulnerabilities in Cisco products and to
requests to assist customers with security incidents.
It's also faster to send us e-mail directly -- BUGTRAQ is an incredibly
useful list, but as an e-mail gateway it's not as efficient as e-mail
addressed directly to us at <psirt@cisco.com>. :-)
The Cisco Product Security Incident Response Team is affiliated with the
Forum of Incident Response and Security Teams, <http://www.first.org/>.
Thanks.
Jim
--
Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc.
