[c-nsp] 3750 and CVE-2018-0167

Brian Turnbow b.turnbow at twt.it
Thu May 31 13:03:23 EDT 2018


Hi Sebastian,

We don't use lldp, but you can turn it off on an interface by interface
bassis.
Why run it on ports with devices outside of your control?


Brian




> -----Original Message-----
> From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
> Sebastian Beutel
> Sent: mercoledì 30 maggio 2018 17:52
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] 3750 and CVE-2018-0167
>
> Dear list,
>
>     we're still having some Cat 3750 in operation and it will still take
some time
> till we can retire the last ones. We've asked Cisco whether they are
planning
> to publish a new software image for this platform that fixes
> CVE-2018-0167 despite the fact that the product is way beyond end of
> security and vulnerability support.
>     Our Cisco representative stated that they are not planning to do so
despite
> the severity of the bug. He also said we're the only customer having
this issue.
> So my question is: If you're still running 3750s, how do you deal with
this?
>
> Best,
>    Sebastian.
>
> P.S.: Cisco's advisory:
>
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisc
o-
> sa-20180328-lldp
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list