[c-nsp] Cisco Security Advisory: Crafted IP Option Vulnerability
Ted Mittelstaedt
tedm at toybox.placo.com
Thu Jan 25 03:43:20 EST 2007
----- Original Message -----
From: "Andre Gironda" <andre at operations.net>
To: "Kevin Graham" <mahargk at gmail.com>
Cc: <full-disclosure at lists.grok.org.uk>; <nanog at merit.edu>;
<cisco-nsp at puck.nether.net>
Sent: Wednesday, January 24, 2007 11:38 PM
Subject: Re: [c-nsp] Cisco Security Advisory: Crafted IP Option
Vulnerability
> I would say that this would work:
>
http://addxorrol.blogspot.com/2007/01/one-of-most-amusing-new-features-of.html
>
>
> So it's too late. Don't bother upgrading now; you're already owned.
> Unless they are blocking it at the ISP borders in the same way they
> blocked out the Cisco IPv4 Crafted DoS vulnerability in 2003. ISP's
> probably got the patch (or at least Cisco's ISP's did) a week ago.
> Had rolling reboots lately? Don't know why? Lots of "miscellaneous"
> ISP maintenace. I wonder...
>
Ahhhhhhhhhhhh....
So many routers, so little time...
Ted
More information about the cisco-nsp
mailing list