Full Disclosure mailing list archives
Re: rumours of new Cisco IOS vulnerability
From: Len Rose <len () netsys com>
Date: Wed, 16 Jul 2003 21:07:52 -0400
Yes, that's exactly what you should do. Don't forget any of the loopback addresses as well. The question is what code trains are vulnerable, and what will folks with older hardware be able to do about it if Cisco says "no fix". Len On Wed, Jul 16, 2003 at 02:45:45PM -0700, Blue Boar wrote: [snippage]
That generally means packets with a destination address of one of the router's own interfaces. If there's some mystery exploit out there, one workaround would be to firewall the router's own IP address(es). This would still allow the router to perform its routing function for other IPs.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- rumours of new Cisco IOS vulnerability Len Rose (Jul 16)
- Re: rumours of new Cisco IOS vulnerability Blue Boar (Jul 16)
- Re: rumours of new Cisco IOS vulnerability Christopher McCrory (Jul 16)
- Re: rumours of new Cisco IOS vulnerability Len Rose (Jul 16)
- Re: rumours of new Cisco IOS vulnerability asi (Jul 16)
- Re: rumours of new Cisco IOS vulnerability christopher neitzert (Jul 16)
- Re: rumours of new Cisco IOS vulnerability Rob Lemos (Jul 16)
- Re: rumours of new Cisco IOS vulnerability Christopher McCrory (Jul 16)
- Re: rumours of new Cisco IOS vulnerability christopher neitzert (Jul 16)
- Re: rumours of new Cisco IOS vulnerability Nigel Houghton (Jul 16)
- <Possible follow-ups>
- Re: rumours of new Cisco IOS vulnerability jklemenc (Jul 16)
- Re: rumours of new Cisco IOS vulnerability Codex (Jul 16)
- Re: rumours of new Cisco IOS vulnerability Mattias Ahnberg (Jul 16)
- Re: rumours of new Cisco IOS vulnerability Blue Boar (Jul 16)