nanog mailing list archives

Re: New Cisco Vulnerability

From: Gregory Hicks <ghicks () cadence com>
Date: Wed, 16 Jul 2003 12:50:45 -0700 (PDT)

From: "Vincent J. Bono" <vbono () vinny org>
Date: Wed, 16 Jul 2003 15:17:54 -0400

Hello All,

There seem to be rumors going around that there is a new major Cisco
vulnerability but only the major backbones are being given fixes
right now.


Not 100% true...  Anyone with a Catalyst 4000/5000/6000 can get it -
free.  See this URL for details.

http://www.cisco.com/warp/public/707/cisco-sa-20030709-swtcp.shtml

Something about packets malformed in a certain manner cause the
router to wedge.


True.

Regards,
Gregory Hicks

Can anyne shed any light on or off list?

-vb


---------------------------------------------------------------------
Gregory Hicks                           | Principal Systems Engineer
Cadence Design Systems                  | Direct:   408.576.3609
555 River Oaks Pkwy M/S 6B1             | Fax:      408.894.3479
San Jose, CA 95134                      | Internet: ghicks () cadence com

Never attribute to malice that which is adequately explained by
ignorance or stupidity.

Asking the wrong questions is the leading cause of wrong answers

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton

Current thread:

New Cisco Vulnerability Vincent J. Bono (Jul 16)
- Re: New Cisco Vulnerability Petri Helenius (Jul 16)
- <Possible follow-ups>
- Re: New Cisco Vulnerability Gregory Hicks (Jul 16)
  - Re: New Cisco Vulnerability John Payne (Jul 16)
    - Re: New Cisco Vulnerability Jay Hennigan (Jul 16)
    - Re: New Cisco Vulnerability David Raistrick (Jul 16)
    - Re: New Cisco Vulnerability Petri Helenius (Jul 16)
    - Re: New Cisco Vulnerability Eric Gauthier (Jul 16)
    - Re: New Cisco Vulnerability Michael Sinatra (Jul 16)
- Re: New Cisco Vulnerability John Curran (Jul 16)
- Re: New Cisco Vulnerability Eric Gauthier (Jul 17)