Full Disclosure mailing list archives
Re: [c-nsp] Cisco Security Advisory: Crafted IP Option Vulnerability
From: "Ted Mittelstaedt" <tedm () toybox placo com>
Date: Thu, 25 Jan 2007 00:43:20 -0800
----- Original Message ----- From: "Andre Gironda" <andre () operations net> To: "Kevin Graham" <mahargk () gmail com> Cc: <full-disclosure () lists grok org uk>; <nanog () merit edu>; <cisco-nsp () puck nether net> Sent: Wednesday, January 24, 2007 11:38 PM Subject: Re: [c-nsp] Cisco Security Advisory: Crafted IP Option Vulnerability
I would say that this would work:
http://addxorrol.blogspot.com/2007/01/one-of-most-amusing-new-features-of.html
So it's too late. Don't bother upgrading now; you're already owned. Unless they are blocking it at the ISP borders in the same way they blocked out the Cisco IPv4 Crafted DoS vulnerability in 2003. ISP's probably got the patch (or at least Cisco's ISP's did) a week ago. Had rolling reboots lately? Don't know why? Lots of "miscellaneous" ISP maintenace. I wonder...
Ahhhhhhhhhhhh.... So many routers, so little time... Ted _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Cisco Security Advisory: Crafted IP Option Vulnerability Cisco Systems Product Security Incident Response Team (Jan 24)
- Message not available
- Re: Cisco Security Advisory: Crafted IP Option Vulnerability Andre Gironda (Jan 24)
- Re: Cisco Security Advisory: Crafted IP Option Vulnerability Gadi Evron (Jan 25)
- Re: Cisco Security Advisory: Crafted IP Option Vulnerability Andre Gironda (Jan 24)
- Message not available
- Message not available
- Message not available
- Re: [c-nsp] Cisco Security Advisory: Crafted IP Option Vulnerability Andre Gironda (Jan 25)
- Re: [c-nsp] Cisco Security Advisory: Crafted IP Option Vulnerability Ted Mittelstaedt (Jan 25)
- Message not available