nanog mailing list archives

Re: CISCO 0-day exploits

From: Saku Ytti <saku () ytti fi>
Date: Mon, 10 Feb 2020 15:40:13 +0200

On Mon, 10 Feb 2020 at 13:52, Jean | ddostest.me via NANOG
<nanog () nanog org> wrote:

I really thought that more Cisco devices were deployed among NANOG.

I guess that these devices are not used anymore or maybe that I
understood wrong the severity of this CVE.


Network devices are incredibly fragile and mostly work because no one
is motivated to bring the infrastructure down. Getting any arbitrary
vendor down if you have access to it on L2 is usually so easy you
accidentally find ways to do it.
There are various L3 packet of deaths where existing infra can be
crashed with single packet, almost everyone has no or ridiculously
broken iACL and control-plane protection, yet business does not seem
to suffer from it.

Probably lower availability if you do upgrade your devices just
because there is a known issue, due to new production affecting
issues.

-- 
  ++ytti

Current thread:

CISCO 0-day exploits Jean | ddostest.me via NANOG (Feb 07)
- Re: CISCO 0-day exploits Jean | ddostest.me via NANOG (Feb 10)
  - Re: CISCO 0-day exploits tim () pelican org (Feb 10)
  - Re: CISCO 0-day exploits Saku Ytti (Feb 10)
    - Re: CISCO 0-day exploits Jean | ddostest.me via NANOG (Feb 10)
    - Re: CISCO 0-day exploits Tom Hill (Feb 10)
    - Re: CISCO 0-day exploits Ahmed Borno (Feb 10)
    - Re: CISCO 0-day exploits Saku Ytti (Feb 11)
    - Re: CISCO 0-day exploits Harlan Stenn (Feb 11)
    - Re: CISCO 0-day exploits Ahmed Borno (Feb 11)
    - Re: CISCO 0-day exploits Saku Ytti (Feb 11)
    - Re: CISCO 0-day exploits Ahmed Borno (Feb 11)
    - Re: CISCO 0-day exploits sronan (Feb 11)
- <Possible follow-ups>
- Re: CISCO 0-day exploits Scott Weeks (Feb 10)

(Thread continues...)