Re: CR vs. CoreBuilder

[John Hall <j.hall () f5 com>]

The notice you referenced says that CBOS v2.4.2 fixes the problem, it
does not.  If you have the 675 configured to allow access to the web
admin port, whether or not the web admin service is enabled, it still
can crash the router.  I severely limit incoming packets below 1024,
so I just set the web admin port number to be one that my filters
drop and I've had no problems since.  There is definitely still a
problem with the 675, it's just not as serious as before.

JMH

Curt Purdy wrote:
> This is a side-effect of cr on 600 routers not related to the index vuln:
> http://www.cisco.com/warp/public/707/cisco-code-red-worm-pub.shtml#Affected
>
> Curt Purdy
> Information Security Engineer
> DP Solutions
> purdy () tecman com
>
> -----Original Message-----
...
> on "8-5-2001" "John Nemeth" writ:
...
> ... i've noticed a similar problem with a cisco 675 ADSL router.  in
> particular, i've had to do a cold boot three (3) times 'since' the CR-II
> attack started.  i had disabled the web command interface, and checking
> revealed that still the case.
...

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com