From: Jay Hennigan (jay@xxxxxxxx)
Date: Mon Feb 26 2001 - 22:28:50 GMT-3
On Mon, 26 Feb 2001, Troy Rader wrote:
> I'm told this is a somewhat limited backdoor. It is not full SNMP access,
> only access to LANE & PNNI mib variables, the sysname, loc, and contact. It
> is resolved either with IOS upgrades, or some Cisco recommended config
> changes.
>
> I consider this information very reliable. Has anyone heard differently?
I brought the question to the attention of security-alert@cisco.com and
received a followup telephone call. Their representative indicates that
Cisco will be releasing a public statement about it within 24 hours.
It is a real issue. I've heard nothing official as to the extent of the
vulnerability.
-- Jay Hennigan - Network Administration - jay@west.net NetLojix Communications, Inc. NASDAQ: NETX - http://www.netlojix.com/ WestNet: Connecting you to the planet. 805 884-6323
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:04 GMT-3