RE: possible exploit.. (Cisco Issue)

[Gerald <gcoon () inch com>]

*raising hand* guilty of not reading past "Distribution" after version
1.0.

Someone else pointed that out off list.

Thanks,

Gerald

On Fri, 18 Jul 2003, Barry Raveendran Greene wrote:

> The changes are all detailed at the bottom of the advisory.
>
> > -----Original Message-----
> > From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
> > Gerald
> > Sent: Friday, July 18, 2003 8:43 AM
> > To: nanog () merit edu
> > Subject: Re: possible exploit.. (Cisco Issue)
> >
> >
> > Wouldn't it be nice if they would CVS-web this thing so I can just see the
> > lines that they have changed on each revision. :-)
> >
> > ...off to read 1.5
> >
> > G
> >
> > On Fri, 18 Jul 2003, NANOG wrote:
> >
> > > It appears Cisco has seen the posting too.  The Cisco PSIRT updated
> > > their announcement to 1.4 at 5am this morning.  The sentence in the
> > > "Exploitation and Public Announcments" section is new and states that
> > > they are aware that the exploitation "has been publised on a public
> > > mailing list".
> > > The link is the same, but the version number has changed:
> > > http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
> > >
> > > Len Rose wrote:
> > >
> > > > It seems to work.
> > > >
> > > > On Fri, Jul 18, 2003 at 02:39:18AM -0400, Len Rose wrote:
> > > >
> > > >
> > > >
> > > > > This was posted a while ago.
> > > > >
> > > > > http://lists.netsys.com/pipermail/full-disclosure/2003-
> > July/011421.html
> > > > > http://lists.netsys.com/pipermail/full-disclosure/2003-
> > July/011420.html
> > > > > I haven't had the chance to test it in a controlled environment yet.