TCP-ACK vulnerability (was RE: SSH on the router)
Christopher L. Morrow
christopher.morrow at mci.com
Thu Jun 10 05:17:28 UTC 2004
On Wed, 9 Jun 2004, Sean Donelan wrote:
>
> http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml
>
> IP Permit Lists will not provide any mitigation against this vulnerability.
>
> The race is on, who will find your switches first?
>
makes one wonder about all that virus-foo running around splashing packets
at 0/0:80... I wonder if any of that might have triggered these reloads
over the last, how long? Since catos was born? :(
a good thing, I think, cisco is finding and releasing these
problems/bugs/'features' in their platforms and thus working through
quality control issues. it's nice, other vendors should do the same for
things that get connected to the public network.
-Chris
More information about the NANOG
mailing list