[c-nsp] 3750 and CVE-2018-0167

Gert Doering gert at greenie.muc.de
Mon Jun 4 13:23:57 EDT 2018


Hi,

On Mon, Jun 04, 2018 at 07:15:04PM +0200, Sebastian Beutel wrote:
> On Mon, Jun 04, 2018 at 11:41:52AM -0400, Chuck Church wrote:
> > I thought with LLDP you can turn off receive and transmit of LLDP messages
> > separately.  If you disable the receipt of them and only transmit, does
> > that address the issue?
> >
> The security advisory mentioned no workaround. Maybe this could help and we
> will definitively give it a try. Maybe we even find an exploit to test it.
> Thanks for the suggestion.

"no receive" will work around, but it might break your phones if they
use LLDP to negotiate a voice VLAN...

> > These switches are end of all support dates. They most surely won't
> > address this bug.
> >
> I know. End of shipping was 2013 and end of security was 2016. But as this
> plattform is still widely useed, my naive hope was, that Cisco could utilise
> this issue to demonstrate the world that they offer the benefits of a
> premium class vendor that doesn't sell their customers down the river, even
> if their product is long out of sale. 

3750 was never "premium anything", except "premium price"

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             gert at greenie.muc.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20180604/a6fdba40/attachment.sig>


More information about the cisco-nsp mailing list