[c-nsp] Cisco Security advisory,
am I ok? Authentication Proxy for FTP and Telnet Sessions Buffer
Overflow
Dennis Peng
dpeng at cisco.com
Fri Sep 9 19:42:25 EDT 2005
Fetzer, Bryan [BFetzer at bresnan.com] wrote:
> Cisco NSP crew,
>
> (apologies in advance if this has been addressed)
>
>
>
> The following was released from Cisco yesterday:
> http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml
>
>
>
> I am debating whether or not any of my routers will be subject to this
> affliction.
>
>
>
> I do NOT have the auth-proxy command in place for any specific interface
>
> Here's an example of the show command recommended by the aforementioned
> security bulletin.
>
>
>
> #show ip auth-proxy configuration
>
> Authentication global cache time is 60 minutes
>
> Authentication Proxy Watch-list is disabled
>
>
>
> That is the only output, and from what I can tell from the advisory at
> first glance it appears I am ok.
Yes, you are ok. I'd imagine that MOST service provider aren't doing
proxy-auth, but who knows...
Dennis
> Obviously the recommended path would be
> to upgrade everything ASAP, but I need to know if this should be a
> freak-out session or a well thought out upgrading of code gradually.
>
>
>
> Bryan Fetzer
>
> Network Engineer
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list