[scg-sec] Cisco Security Advisory: Cisco IOS Malformed OSPF
Packet Causes Reload
Wendy Garvin
wgarvin at cisco.com
Wed Aug 18 12:52:47 EDT 2004
The munged packets are not known outside of us, it was found internally and
we're counting on having a good deal of time before it's figured out. OSPF
has a big header with lots of fields and combinations of fields, it's not
intuitive to guess.
If you can monitor for OSPF packets coming in from the edge, that should
give you some warning, if you need more specifics let me know (in email) and
I'll call you. Right now I'm on all my phones.
-Wendy
> Sean Donelan <sean at donelan.com> [2004-08-18 09:12] wrote:
> On Wed, 18 Aug 2004, Wendy Garvin wrote:
> > If you want a technical call on this to come up to speed quickly, please let
> > me know. Our best technical resource is in Europe, so let's shoot for no
> > later than 11 PDT/3 EDT.
>
> I guess Wendy is back from vacation.
>
> The IS-IS backbones probably don't care. But for the OSPF backbones, any
> idea if the magic packet(s) are known outside of the vendor? Or do we
> have a few hours before it is reversed-engineered?
>
> Thanks,
> sean.
>
>
> [ ----- End of Included Message ----- ]
--
Wendy Garvin - Cisco PSIRT - 408 525-1888 CCIE# 6526
----------------------------------------------------
http://www.cisco.com/go/psirt
More information about the scg-sec
mailing list