CISCO 0-day exploits

• Previous message (by thread): CISCO 0-day exploits
• Next message (by thread): google cloud console is slow
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/02/2020 18:13, Scott Weeks wrote:
> Just because you use cisco devices doesn't mean you have to use 
> their proprietary protocols, such as EIGRP or CDP.  OSPF or LLDP
> work just fine and interoperate with other vendors... :)


The CDPwn vulnerability covers similar vulnerabilities in LLDP, and does
indeed demonstrate that network segmentation (i.e. "dude it's just L2")
is not the last word in mitigating against said vulnerabilities.

You ought to all be far more concerned, IMO.

-- 
Tom

• Previous message (by thread): CISCO 0-day exploits
• Next message (by thread): google cloud console is slow
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]