possible exploit.. (Cisco Issue)
Gerald
gcoon at inch.com
Fri Jul 18 17:52:33 UTC 2003
*raising hand* guilty of not reading past "Distribution" after version
1.0.
Someone else pointed that out off list.
Thanks,
Gerald
On Fri, 18 Jul 2003, Barry Raveendran Greene wrote:
>
> The changes are all detailed at the bottom of the advisory.
>
> > -----Original Message-----
> > From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On Behalf Of
> > Gerald
> > Sent: Friday, July 18, 2003 8:43 AM
> > To: nanog at merit.edu
> > Subject: Re: possible exploit.. (Cisco Issue)
> >
> >
> > Wouldn't it be nice if they would CVS-web this thing so I can just see the
> > lines that they have changed on each revision. :-)
> >
> > ...off to read 1.5
> >
> > G
> >
> > On Fri, 18 Jul 2003, NANOG wrote:
> >
> > >
> > > It appears Cisco has seen the posting too. The Cisco PSIRT updated
> > > their announcement to 1.4 at 5am this morning. The sentence in the
> > > "Exploitation and Public Announcments" section is new and states that
> > > they are aware that the exploitation "has been publised on a public
> > > mailing list".
> > > The link is the same, but the version number has changed:
> > > http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
> > >
> > > Len Rose wrote:
> > >
> > > >It seems to work.
> > > >
> > > >On Fri, Jul 18, 2003 at 02:39:18AM -0400, Len Rose wrote:
> > > >
> > > >
> > > >
> > > >>This was posted a while ago.
> > > >>
> > > >>http://lists.netsys.com/pipermail/full-disclosure/2003-
> > July/011421.html
> > > >>http://lists.netsys.com/pipermail/full-disclosure/2003-
> > July/011420.html
> > > >>
> > > >>I haven't had the chance to test it in a controlled environment yet.
> > > >>
> > > >>
> > > >
> > > >
> > > >
> > >
>
>
More information about the NANOG
mailing list