Re: Cisco IOS 12.0 security bug and workaround

[jason () ACKLEY NET (Jason Ackley)]

On Tue, 22 Dec 1998, John Bashinski wrote:

> characterizing it, and can't yet be completely sure which versions
> or which platforms are affected.

Crashes:
IOS (tm) 4000 Software (C4000-IK2S-M), Version 12.0(2)T
(this is an old 68030 based 4000)

IOS (tm) 2500 Software (C2500-IOS56I-L), Version 12.0(2)
(this is a 2514)

> This bug may cause different router platforms to crash differently.
> Some routers have been observed to reboot and claim that they
> were "restarted by power-on"; you won't necessarily get a stack
> trace from one of these crashes.

 C4000 crashed with :
System restarted by address error at PC 0x10006E8, address 0x802320

C2500 crashes with:
System restarted by error - Illegal Instruction, PC 0x0

The 2514 seemed to take a bit longer to crash than the 4000, which was
almost instant death.. Maybe it was just me..

I also noticed that the 4000 at least still is listening on the bootp
server port, even tho I have 'no ip bootp server' set.. bug or feature?

Cheers,

--
Jason Ackley     jason () ackley net