Bugtraq mailing list archives
Re: Cisco 675 Denial of Service Attack
From: Damir Rajnovic <gaus () CISCO COM>
Date: Tue, 5 Dec 2000 08:12:24 +0000
Hello there,
At 15:17 01/12/2000 -0800, J Edgar Hoover wrote:
> At the risk of further delaying the actual release of an upgrade... there are some other problems with the Cisco 675.
We are correcting the threat model and we will address some of the concerns raised in this and other mails there.
> If you disable telnet, it still accepts connections on port 23. You can move telnet to port xxx and disable telnet, and it will listen on port xxx. Vulnerable to DoS, possible exploit.
How?
> The IP Filtering is a joke. The command line doesn't match the written or electronic documentation, and the actual filter rules don't do what they claim to do.
Do you have any example which you mind to share (not documentation bugs)?
> Before anyone flames me about not notifying Cisco privately... keep in mind it is not my job to help cisco develop a more secure product. I've had vendors sit on bugs for over a year, threaten legal action, and just plain waste my time in a volley of denials and questions. It's far more efficient to just release the bugs on IRC.
Yes, we goofed this time. How many more ashes do we need to spill upon ourselves? It is true that customers should not be in the business of helping Cisco to make more secure products, but it just happens to be that way. Then again, no one is asking you to help us or any other vendor for that matter. It is up to you to decide what you will do. From our side, we are trying to be as proactive as we can. It is not as much as we would like, but we cannot do more at this time. If someone thinks that it can do better I would like to see that person. We are looking to enlarge PSIRT, so if anyone thinks that (s)he is up to the challenge, just send us your CV and we will talk.
Cheers,
Gaus
==============
Damir Rajnovic <psirt () cisco com>, PSIRT Incident Manager, Cisco Systems
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>
Phone: +44 7715 546 033
4 The Square, Stockley Park, Uxbridge, MIDDLESEX UB11 1BN, GB
==============
There is no insolvable problems. Question remains: can you accept the solution?