Full Disclosure mailing list archives
Re: Should nmap cause a DoS on cisco routers?
From: Thierry Zoller <Thierry () Zoller lu>
Date: Fri, 2 Jul 2010 12:59:13 +0200
Slippery Slopes everywhere : DR> Again, causing the RP CPU to go to 100% due to punted DR> management-plane traffic isn't a new phenomenon 1. Nobody claimed it to be a new phenomenon 2. He is not saturating anything. DR> Of course PSIRT will ask for details, as they should; my point is DR> that there's likely nothing new to see here, Oh that's the point now? I thought your point was that it is not a security "bug". I agree on the "nothing new" here, "new" however is not a relevant attribute to decide on whether it is a vulnerability or not. DR> Even if there is something new, here - which I doubt - it's DR> important that folks understand that there are BCPs they can We heard your BCPs and XZY clearly, doesn't make it less of a vulnerability. DR> The original poster asked if this were a configuration issue - DR> and the answer is, yes Interesting, how do you know ? 1. you do not know what caused the problem 2. you do obviously do not know what packets caused the problems If it is a default configuration and you can remotely cause a denial of service condition : it is a vulnerability. If it is a non standard configuration and you can remotely cause a denial of service condition : it is a vulnerability. DR> vulnerabilities - as opposed to merely saturating the RP of a DR> given network device with management-plane traffic. Some of them Last time : He appears to not be saturating anything. nmap -sV does surely not create saturisation... DR> And many of them could be mitigated via BCPs until such time as DR> fixed code could be deployed, as well. There it is again, BCP. Is this the new "IDS" ? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Should nmap cause a DoS on cisco routers?, (continued)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Florian Weimer (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? AMILABS (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dan Kaminsky (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Lee (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dan Kaminsky (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? AMILABS (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dan Kaminsky (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Mailing lists at Core Security Technologies (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Fyodor (Jul 06)
- Re: Should nmap cause a DoS on cisco routers? coderman (Jul 07)
- Re: Should nmap cause a DoS on cisco routers? Benji (Jul 08)