[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] [c-nsp] Cisco Security Advisory: Crafted IP Option Vulnerability
- To: <andre@xxxxxxxxxxxxxx>, "Kevin Graham" <mahargk@xxxxxxxxx>
- Subject: Re: [Full-disclosure] [c-nsp] Cisco Security Advisory: Crafted IP Option Vulnerability
- From: "Ted Mittelstaedt" <tedm@xxxxxxxxxxxxxxxx>
- Date: Thu, 25 Jan 2007 00:43:20 -0800
----- Original Message -----
From: "Andre Gironda" <andre@xxxxxxxxxxxxxx>
To: "Kevin Graham" <mahargk@xxxxxxxxx>
Cc: <full-disclosure@xxxxxxxxxxxxxxxxx>; <nanog@xxxxxxxxx>;
<cisco-nsp@xxxxxxxxxxxxxxx>
Sent: Wednesday, January 24, 2007 11:38 PM
Subject: Re: [c-nsp] Cisco Security Advisory: Crafted IP Option
Vulnerability
> I would say that this would work:
>
http://addxorrol.blogspot.com/2007/01/one-of-most-amusing-new-features-of.html
>
>
> So it's too late. Don't bother upgrading now; you're already owned.
> Unless they are blocking it at the ISP borders in the same way they
> blocked out the Cisco IPv4 Crafted DoS vulnerability in 2003. ISP's
> probably got the patch (or at least Cisco's ISP's did) a week ago.
> Had rolling reboots lately? Don't know why? Lots of "miscellaneous"
> ISP maintenace. I wonder...
>
Ahhhhhhhhhhhh....
So many routers, so little time...
Ted
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/