Saying goodnight to my GSR

Keith Medcalf kmedcalf at dessus.com
Sat Sep 20 21:17:17 UTC 2014


I do not see any vulnerabilities listed there.  Only documentation of behavioral bugs, caveats, and restrictions.

A "vulnerability" would be something like the one Microsoft introduced into all versions of the Windows IP stack after Windows 2003 and Windows XP wherein "the Operating System will execute the payload of an IP packet with SYSTEM authority and SYSTEM integrity when a crafted IP packet is received in which a certain combination of invalid and reserved header bits are set".

>-----Original Message-----
>From: Ruairi Carroll [mailto:ruairi.carroll at gmail.com]
>Sent: Saturday, 20 September, 2014 14:57
>To: Keith Medcalf
>Cc: Daniel Sterling; Bacon Zombie; nanog at nanog.org
>Subject: Re: Saying goodnight to my GSR
>
>> And what, exactly, is it vulnerable to?
>
>Most of these, I'd imagine:
>http://www.cisco.com/c/en/us/td/docs/ios/12_0s/release/ntes/120SCAVS.html
>
>
>On 20 September 2014 14:25, Keith Medcalf <kmedcalf at dessus.com> wrote:
>
>
>
>	And what, exactly, is it vulnerable to?
>
>
>	>-----Original Message-----
>	>From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Daniel
>Sterling
>	>Sent: Saturday, 20 September, 2014 12:06
>	>To: Bacon Zombie
>	>Cc: nanog at nanog.org
>	>Subject: Re: Saying goodnight to my GSR
>	>
>	>Again, you're focusing resentment towards someone who did the right
>	>thing. Negative reinforcement will discourage others from taking
>	>action and will discourage them from encouraging others to take
>	>action.
>	>
>	>Let's focus on who still has vulnerable equipment and how to help
>	>them. Let's not shame people who did the right thing
>	>
>	>Thanks,
>	>Dan
>	>
>	>
>	>On Sat, Sep 20, 2014 at 1:59 PM, Bacon Zombie
><baconzombie at gmail.com>
>	>wrote:
>	>> OK thank you for decommissioning this.*
>	>>
>	>> * Only if you either had authority to do so for max 1 year or had
>no
>	>> authority but were fighting to have it patches or replaced for
>years.
>	>> On Sep 20, 2014 7:54 PM, "Daniel Sterling"
><sterling.daniel at gmail.com>
>	>> wrote:
>	>>
>	>>> On Sat, Sep 20, 2014 at 1:37 PM, Bacon Zombie
><baconzombie at gmail.com>
>	>>> wrote:
>	>>>
>	>>> > So when was the last time you patched this internet facing
>device?
>	>>>
>	>>> Isn't the better response, thank you for decommissioning it?
>	>>>
>	>>> Can someone from cisco set up a poll or release whatever numbers
>they
>	>>> have about how many of these old devices are still in service?
>	>>>
>	>>> Thanks,
>	>>> Dan
>	>>>
>
>
>
>
>






More information about the NANOG mailing list