nanog mailing list archives

Re: Ars breaks Misfortune Cookie vulnerability news to public

From: Javier J <javier () advancedmachines us>
Date: Fri, 19 Dec 2014 23:28:30 -0500

Haha, yeah I spoke too soon.

Happy Holidays.

Also has anyone looked at the list of devices / vendors that are using that
software?

https://www.allegrosoft.com/about-allegro-software#tabs-896-0-4

Did the vendors know their vendor was giving them buggy software?

What is the test for this vuln?

On Fri, Dec 19, 2014 at 8:01 PM, Niels Bakker <niels=nanog () bakker net>
wrote:

* javier () advancedmachines us (Javier J) [Sat 20 Dec 2014, 00:50 CET]:

Glad I'm using a freebsd based routing solution.


Time to update that one too: https://ics-cert.us-cert.gov/
advisories/ICSA-14-353-01


        -- Niels.

Current thread:

Ars breaks Misfortune Cookie vulnerability news to public Jay Ashworth (Dec 19)
- Re: Ars breaks Misfortune Cookie vulnerability news to public Javier J (Dec 19)
  - Re: Ars breaks Misfortune Cookie vulnerability news to public Niels Bakker (Dec 19)
    - Re: Ars breaks Misfortune Cookie vulnerability news to public Javier J (Dec 19)
- Re: Ars breaks Misfortune Cookie vulnerability news to public Eric Tykwinski (Dec 19)
  - Re: Ars breaks Misfortune Cookie vulnerability news to public Ken Chase (Dec 19)
  - RE: Ars breaks Misfortune Cookie vulnerability news to public Frank Bulk (Dec 19)