OPS: SECURITY new packet of death
James D. Butt
jbutt at mwci.net
Fri Nov 21 15:51:55 UTC 1997
> > land.c is this program
>
> I tried it against a 7505 running 11.2(9)P and a 2511 running 11.2(7a),
> with no obvious bad effects. The announcement does not indicate which
> IOS versions are vulnerable; I'd love to know.
Snipit of a message on bugtraq dated today..
Ascend Pipeline 50 rev 5.0Ap13 NOT vulnerable
Cisco IOS 10.3(7) IS vulnerable
Cisco 2511 IOS ??? IS vulnerable
Cisco 753 IOS ??? IS vulnerable
LaserJet Printer NOT vulnerable
Livingston Office Router (ISDN) IS vulnerable
Livingston PM* ComOS 3.5b17 + 3.7.2 NOT vulnerable
NCD X Terminals, NCDWare v3.2.1 IS vulnerable
Off of another message..
I just tested land.c on a cisco 753 router running version 4.0 of the os.
It DID freeze the router when I hit it on port 23. The router wasn't able
to reach the internal lan or the wan and some lights on the front of the
router were frozen also. I couldn't ping or telnet to the router, the
only way to restart it is a hard reboot.
--------------------------------------------------------------------------
James D. Butt 'J.D.'
Network Engineer Voice 319-557-8463
Network Operations Center Fax 319-557-9771
MidWest Communications, Inc. Pager 319-557-6347
241 Main St. noc at mwci.net
Dubuque, IA 52001 jbutt at mwci.net
--------------------------------------------------------------------------
More information about the NANOG
mailing list