[c-nsp] Cisco Security Advisory: Cisco IOS Software RSVP Vulnerability

Lukas Tribus luky-37 at hotmail.com
Thu Sep 25 06:25:46 EDT 2014


> IOS Software Checker is a nice tool, do keep it. But for the "helicopter
> view" the comprehensive list is a really great help. And it's no problem
> that the list is a snapshot at publication time. The fast response to a
> serious vulnerability is the hours or days immediately after the
> advisory has been posted.


The previous view including affected and fixed releases on a per-branch
basis is way more useful and faster.

I want to know the first fixed release of a specific advisory and the first
fixed release of the complete advisory bundle WITHOUT tricking
the software checker into giving me that information by using trial&error
until I find an IOS that makes the software checker provide that information.

Yes, the software checker is extremely useful (when I have one or multiple
specific IOS releases and I want to know the advisories), but not the other
way around (when I know the advisory and need to understand the impact
on my network).




More information about the cisco-nsp mailing list