nanog mailing list archives
Re: Cisco IOS Vulnerability
From: Valdis.Kletnieks () vt edu
Date: Thu, 17 Jul 2003 03:07:43 -0400
On Thu, 17 Jul 2003 01:05:46 CDT, Darrell Kristof <darrell.kristof () wholefoods com> said:
If Cisco made THIS big a deal of this to not release info to the public, I wouldn't wait. There must be a reason. I had to push and push to get any info and I think they finally gave up because too many people knew.
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
which says... "Customers with contracts should obtain upgraded software free of charge through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on the Cisco worldwide website at http://www.cisco.com/tacpage/sw-center/sw-ios.html." I may have been a few off, but I counted *139* different trains on that page as being affected. The 12.0S train alone has *13* different rebuilds. And there's *gotta* be at least 3-4 trains that suffer from bad karma and refuse to rebuild unless the Rebuild Wizard comes by and sprinkles Magic Rebuild Dust all over the place, and then there's the special procedure put in place after last year's debacle when the Magic Rebuild Dust got on that llama... ;) In other words - yeah, it's probably important to get this update deployed. But unless somebody has hard evidence to the contrary, I'm betting on it just being an attempt to not let things leak out till they're ready to ship across the board. That's a LOT of trains and rebuilds that all need to be ready at the same time, and Fred Brooks taught us all 30 years ago what happens when you try something like that. :)
Attachment:
_bin
Description:
Current thread:
- Re: Cisco IOS Vulnerability, (continued)
- Re: Cisco IOS Vulnerability Jeff Kell (Jul 16)
- Re: Cisco IOS Vulnerability Jack Bates (Jul 17)
- Re: Cisco IOS Vulnerability Andy Dills (Jul 17)
- Re: Cisco IOS Vulnerability Joe Abley (Jul 17)
- Re: Cisco IOS Vulnerability micah mcnelly (Jul 17)
- Re: Cisco IOS Vulnerability Michael Painter (Jul 17)
- Re: Cisco IOS Vulnerability Daniel Karrenberg (Jul 18)
- Re: Cisco IOS Vulnerability joshua sahala (Jul 18)
- Re: Cisco IOS Vulnerability Petri Helenius (Jul 18)
- RE: Cisco IOS Vulnerability Darrell Kristof (Jul 16)
- Re: Cisco IOS Vulnerability Valdis . Kletnieks (Jul 17)
- Re: Cisco IOS Vulnerability Brian Wallingford (Jul 17)
- RE: Cisco IOS Vulnerability Barry Raveendran Greene (Jul 17)
- Re: Cisco IOS Vulnerability Petri Helenius (Jul 17)
- RADb ? mike harrison (Jul 22)
- Re: RADb ? Kevin Oberman (Jul 22)
- Re: Cisco IOS Vulnerability Valdis . Kletnieks (Jul 17)
- Re: Cisco IOS Vulnerability Jack Bates (Jul 17)
- RE: Cisco IOS Vulnerability Jay Hennigan (Jul 17)
- Re: Cisco IOS Vulnerability now in the news Henry Linneweh (Jul 17)