[c-nsp] Cisco Security Advisory: Crafted IP Option Vulnerability
Kevin Graham
mahargk at gmail.com
Thu Jan 25 00:18:08 EST 2007
On Wed, 24 Jan 2007, Cisco Systems Product Security Incident Response
Team wrote:
> Cisco Security Advisory: Crafted IP Option Vulnerability
If I recall correctly, this is the first (PSIRT acknowledged)
stack/heap vulnerability since Michael Lynn's much-publicized BlackHat
presentation. While there was plenty of brief speculation at the time
of what Chinese/Russian/American-xenophobic-target hax0rs had already
implemented, not much bubbled up to the operational world...
Does anyone more active in the security community have pointers as to
how generic (and common) are tools targeting IOS exist?
On 1/24/07, Paul Stewart <paul at paulstewart.org> wrote:
> I have read over this and am "fearful" of what I read.. my first thought is
> to drop everything, get emergency maintenance window releases and spend a
> couple of nights upgrading like crazy...
"20070124-crafted-tcp" seems obvious enough (though it would've been
good for PSIRT to indicate how "small" the leakage per packet is to
gauge CoPP values), but "20070124-crafted-ip-option" likely should
tingle your spine.
More information about the cisco-nsp
mailing list