Re: PoC Exploit Now Available for Cisco NHRP Vulnerability

[Gadi Evron <ge () linuxbox org>]

On Thu, 9 Aug 2007, Paul Ferguson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> If you're using NHRP and haven't patched, it might be a good
> idea to do so real soon now.
>
> A proof of concept exploit is now avialable which can crash a router
> configured with NHRP authentication enabled:
>
> http://www.milw0rm.com/exploits/4272
>
> Cisco security advisory from yesterday:
>
>
> http://www.cisco.com/en/US/products/products_security_advisory09186a0080899
> 63b.shtml
>
> FYI,

I guess we won't know if some of these are remote code execution until we 
have another Michael Lynn.

        Gadi.