Cisco IOS Vulnerability

• Previous message (by thread): Cisco IOS Vulnerability
• Next message (by thread): Cisco IOS Vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If Cisco made THIS big a deal of this to not release info to the public,
I wouldn't wait.  There must be a reason.  I had to push and push to get
any info and I think they finally gave up because too many people knew.
If you notice 

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

For Public Release 2003 July 17 at 0:00 UTC (GMT)

But at the bottom is says:
Distribution 
This notice will be posted on the Cisco worldwide website at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml at
21:00 GMT on July 17th, 2003. 

Hmmm... I think that means 4PM CT TOMORROW!  From what I understand they
didn't want this to be public until tomorrow afternoon.

- D

-----Original Message-----
From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On Behalf Of
Mikael Abrahamsson
Sent: Thursday, July 17, 2003 12:48 AM
To: nanog at merit.edu
Subject: RE: Cisco IOS Vulnerability



On Wed, 16 Jul 2003, Darrell Kristof wrote:

> 
> Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet 
> http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

IS anyone seeing this exploited in the wild? It'd be good to know if we 
need to do panic upgrade or can schedule it for our next maintenance 
window (which is during the weekend).

-- 
Mikael Abrahamsson    email: swmike at swm.pp.se

• Previous message (by thread): Cisco IOS Vulnerability
• Next message (by thread): Cisco IOS Vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]