From: P729 (p729@cox.net)
Date: Mon Mar 03 2003 - 12:09:43 GMT-3
FYI--This just in (from SANS):
(1) CRITICAL: Cisco IOS OSPF Neighbor Buffer Overflow
================================================================
Affected Products:
Cisco IOS Versions 11.1 - 12.0
Description:
Older versions of IOS contain a vulnerability in handling more than
255 distinct OSPF neighbor announcements per interface. Exploit
code has been posted that leverages the vulnerability to execute
attacker-supplied code on a vulnerable router resulting in complete
system compromise. The exploit code was developed by FX of Phenoelit,
who recently published a paper on writing buffer overflows for IOS.
Regards,
Mas Kato
https://ecardfile.com/id/mkato
----- Original Message -----
From: "P729" <p729@cox.net>
To: "Aaron Woody" <awoody@columbus.rr.com>; <ccielab@groupstudy.com>
Sent: Wednesday, February 12, 2003 12:27 AM
Subject: Re: OSPF for 400+ Locations
I have experience with OSPF but I am looking for suggestions on how to
implement OSPF in a Frame-Relay Hub/Spoke topology for 400+ locations. Each
location only needs to know about the host through a default.
My first idea
is to have a separate area for each location and make it a totally stubby
area. Is there a better way. My concern is that there will be 400+ areas in
the OSPF Database at the host.
The host will be a Cisco 3745. The remotes
will all be Cisco 1751.
Thanks!
Aaron
This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:31 GMT-3