OPS: SECURITY new packet of death
John Hawkinson
jhawk at bbnplanet.com
Fri Nov 21 16:47:31 UTC 1997
> > land.c is this program
>
> I tried it against a 7505 running 11.2(9)P and a 2511 running 11.2(7a),
> with no obvious bad effects. The announcement does not indicate which
> IOS versions are vulnerable; I'd love to know.
11.1(1) is certainly vulnerable, though in a far more restricted
fashion than most affected TCP/IP stacks are.
I suspect that you may have ben careless in your porting of the exploit...
To answer Mr. Denninger's query, I don't really feel that releasing the
portable version of the exploit on a list with as many unsavory characters
as NANOG is really a great plan. In the grand scheme of things it almost
certainly doesn't matter, but I'll nevertheless
avoid it.
--jhawk
More information about the NANOG
mailing list