PoC Exploit Now Available for Cisco NHRP Vulnerability
Gadi Evron
ge at linuxbox.org
Thu Aug 9 18:18:22 UTC 2007
On Thu, 9 Aug 2007, Paul Ferguson wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> If you're using NHRP and haven't patched, it might be a good
> idea to do so real soon now.
>
> A proof of concept exploit is now avialable which can crash a router
> configured with NHRP authentication enabled:
>
> http://www.milw0rm.com/exploits/4272
>
> Cisco security advisory from yesterday:
>
>
> http://www.cisco.com/en/US/products/products_security_advisory09186a0080899
> 63b.shtml
>
> FYI,
I guess we won't know if some of these are remote code execution until we
have another Michael Lynn.
Gadi.
More information about the NANOG
mailing list