nanog mailing list archives

Re: Cisco vulnerability on smaller catalyst switches

From: "Petri Helenius" <pete () he iki fi>
Date: Sat, 19 Jul 2003 08:56:13 +0300


My testing with the exploit I initially created has no effect on L2 only
catalysts, like 2924XL or so. I haven´t been able to figure out the
right sequence if any to accomplish that. No effect even on the management
interface.

Pete


As part of our vulnerability tests, we have been unable to confirm that the
smaller catalyst switches running IOS but without L3 capability are
vulnerable.  They don't seem to react in a negative way to the same attacks
that lock up the other devices we have tested.  Has anyone else been able to
verify this one way or the other?

--
Chris Griffin                           cgriffin () ufl edu
Network Engineer - CCNP                 Phone: (352) 392-2061
OIT - Network Services                  Fax:   (352) 392-9440
University of Florida                   Gainesville, FL 32611

Current thread:

Cisco vulnerability on smaller catalyst switches Chris Griffin (Jul 18)
- Re: Cisco vulnerability on smaller catalyst switches Petri Helenius (Jul 18)
- <Possible follow-ups>
- RE: Cisco vulnerability on smaller catalyst switches McBurnett, Jim (Jul 18)
- RE: Cisco vulnerability on smaller catalyst switches Steve Rude (Jul 18)
  - Re: Cisco vulnerability on smaller catalyst switches Haesu (Jul 18)
- RE: Cisco vulnerability on smaller catalyst switches Steve Rude (Jul 18)