Vulnerability Development mailing list archives
Re: Cisco 677 oddity: Broadcasting to port 1999
From: Jim Duncan <jnduncan () cisco com>
Date: Tue, 15 Aug 2000 02:14:35 -0400
Please report Cisco product security vulnerabilities to psirt () cisco com. If it's an emergency, please send mail to security-alert () cisco com. Vladimir Kraljevich writes:
AFAIK, the purpose of this broadcast is just syslog, nothing more.
Port 1999 is the Cisco Discovery Protocol. It was deprecated a long time ago, I don't believe it's available by default anymore (if it is we'll try to get it turned off), I don't think anybody uses it for anything useful, and the whole subject of why it exists, what it does, why it's not useful anymore, and what to do about it has been beaten to death several times on several mailing lists, most notably BUGTRAQ around 1999 February, I think. Anybody that wants to avoid rehashing old issues can search the archives. We'll try to start archiving old issues like that on our web pages since they come up time and time again. Please report Cisco product security vulnerabilities to psirt () cisco com. If it's an emergency, please send mail to security-alert () cisco com.
From my experience, it is possible to nail a coffin to Cisco 677 with ICMP request in which IPOPT_RR is set. Someone, please confirm this.
We'll take a look at it. Thanks for letting us know. Please report Cisco product security vulnerabilities to psirt () cisco com. If it's an emergency, please send mail to security-alert () cisco com.
I wrote to CCO, but they wanted my ID, SSN, dog's name, mother's maiden name, photographies of my family, my footprint, my fingerprints etc. to be able to submit these informations. I'm not in the mood to cooperate on that way with someone who is responsible to deal with his faults. However, public deserves to know :)
That's *not* supposed to happen -- contracts and warranties are *not* supposed to be checked if someone is reporting a product security vulnerability. That can be avoided by contacting the PSIRT directly. Occasionally a Cisco employee may not be aware they are handling an issue that should receive PSIRT attention; if you think that is happening when you are trying to report a vulnerability, please ask them to contact the PSIRT. We are available 24 hours a day, seven days a week, around the globe. Please report Cisco product security vulnerabilities to psirt () cisco com. If it's an emergency, please send mail to security-alert () cisco com. Thanks. Jim
Current thread:
- Cisco 677 oddity: Broadcasting to port 1999 Chris vuln-dev (Aug 09)
- Re: Cisco 677 oddity: Broadcasting to port 1999 Vladimir Kraljevich (Aug 14)
- Re: Cisco 677 oddity: Broadcasting to port 1999 Jim Duncan (Aug 15)
- Re: Cisco 677 oddity: Broadcasting to port 1999 Blue Boar (Aug 15)
- Re: Cisco 677 oddity: Broadcasting to port 1999 Jim Duncan (Aug 15)
- <Possible follow-ups>
- Re: Cisco 677 oddity: Broadcasting to port 1999 Jeffrey Karpenko (Aug 10)
- Re: Cisco 677 oddity: Broadcasting to port 1999 Vladimir Kraljevich (Aug 14)