Patching for Cisco vulnerability
Petri Helenius
pete at he.iki.fi
Fri Jul 18 20:03:59 UTC 2003
>
> if (ifc->in_bps > ifc->phy_speed || ifc->out_bps > ifc->phy_speed)
> {
> crash_router();
> }
>
> If they added this code, they'd find these bugs in their
> labs instead of in our networks.
>
I remember seeing an article claiming that Cisco´s automated regression
testing does "more than 250000" tests before they release a piece of code.
However, questions about the nature of these tests and if any tests sent
more traffic than a random scripted ping went unanswered.
Pete
More information about the NANOG
mailing list