[c-nsp] Cisco Security Advisory: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products

Michael Ulitskiy mulitskiy at acedsl.com
Thu Sep 10 17:55:50 EDT 2009


Hello,

I have a couple of 7200s that's currently running 12.4(23) (c7200-ik9s-mz.124-23.bin) which is listed 
vulnerable and I need to have some tcp port open (PPTP VPN), so I'm planning to upgrade to 
recommended 12.4(23b).
When I was comparing 12.4(23) and 12.4(23b) images in feature navigator I've noticed that
to my surpise 12.4(23b) doesn't support CAR which I need.
I loaded the image into dynamips and it seems to accept rate-limit commands, but it's hard to check
with dynamips whether it's really limiting anything. 
Unfortunately I don't have spare equipment to test, so I wonder if someone from cisco can comment 
on this. Is it just feature navigator typo or they really removed the feature in this rebuild?
Thanks a lot,

Michael


More information about the cisco-nsp mailing list