Cisco cover up
Stephen Sprunk
stephen at sprunk.org
Thu Jul 28 18:43:31 UTC 2005
Thus spake "Mikael Abrahamsson" <swmike at swm.pp.se>
> On Thu, 28 Jul 2005, Mark Owen wrote:
>
>> Cisco had the exploit fixed in April and no longer offers the exploitable
>> OS for download on their site.
>
> And the list of vulnerable IOS versions is where....?
>
> I don't care exactly what the exploit is but I want to know the risks
> involved and what versions are vulnerable. Any workarounds available
> would be nice as well, the fewer routers potentially needing immediate
> upgrade to fixed IOS the better.
The short answer is, if an image is still on CCO, it's not vulnerable. That
applies to both this problem and any other security problems Cisco has
patched but not published notices for yet.
S
Stephen Sprunk "Those people who think they know everything
CCIE #3723 are a great annoyance to those of us who do."
K5SSS --Isaac Asimov
More information about the NANOG
mailing list