Full Disclosure mailing list archives

Re: rumours of new Cisco IOS vulnerability


From: Christopher McCrory <chrismcc () pricegrabber com>
Date: 16 Jul 2003 15:37:04 -0700

Hello...

On Wed, 2003-07-16 at 14:45, Blue Boar wrote:
> Len Rose wrote:
> > According to what I've been reading it's a remotely
> > exploitable denial of service situation, based on
> > specially crafted packets designed to fill up the
> > "process switched" input queues on an interface.
>
> That generally means packets with a destination address of one of the
> router's own interfaces.  If there's some mystery exploit out there, one
> workaround would be to firewall the router's own IP address(es).  This
> would still allow the router to perform its routing function for other IPs.


Based on the discussion on other lists,  all major ISPs have issued
"emergency update" notices.  Presumably, they already have vty ACLs in
place, yet they are updating anyway. 

YMMV


<stolen from yet another list>
Apparently a teacher has been arrested in the UK in possession of
compasses, protractors, and straight edge rulers. It is claimed he is a
member of the Al Gebra movement bearing weapons of math instruction.


-- 
Christopher McCrory
 "The guy that keeps the servers running"
 
chrismcc () pricegrabber com
 http://www.pricegrabber.com
 
Let's face it, there's no Hollow Earth, no robots, and
no 'mute rays.' And even if there were, waxed paper is
no defense.  I tried it.  Only tinfoil works.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

