Re: Warning: Cisco RW community backdoor.

[Jim Duncan <jnduncan () cisco com>]

Sean Donelan writes:
> Anyone with a Smartnet contract have a response from Cisco yet?  I really
> need to get my own Smartnet number.

No need.  I'll post the advisory as soon as I can get it ready.  It's
probably going to be another hour or two.

The only reason I've paused to post this response is to ask everyone to
wait for the advisory and stop experimenting.  This one is really
strange in the interactions with various releases, features, and
hardware.  The real problem is that if you try enough different
combinations of config commands to shut off the problem, you'll put your
ATM connections in a very poor state (that's the best way I can put it).

As a side note, this is a problem with the standards.  In particular,
how the standards _require_ a function to be implemented.

Please wait for the advisory.

Thanks!

        Jim




-- 
Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc.
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>
E-mail: <jnduncan () cisco com>  Phone(Direct/FAX): +1 919 392 6209