From: Frank Jimenez (franjime@cisco.com)
Date: Thu Jul 17 2003 - 20:19:50 GMT-3
All interested parties might want to re-review the PSIRT advisory at
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Please make sure that you are reading the latest advisory (Version 1.3 as of
this email)
Frank Jimenez, CCIE #5738
Systems Engineer
Cisco Systems, Inc.
franjime@cisco.com
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]
Sent: Thursday, July 17, 2003 4:54 PM
To: cisco@groupstudy.com
Subject: Re: a really big bug [7:72463]
It sounds like this is a hypothetical packet and situation that Cisco quality
assurance discovered. I thought it was something already being exploited, but it
doesn't sound like it. In that case, I guess I support Cisco not telling us more
about it.
It's sort of an age-old security question of how much info to publish. The info
would help the white hats, but also the black hats.
Unfortunately, I can't look at bug reports (even with my guest access!?) Maybe
there's more in the bug reports. I still want to know more about these packets.
:-) But I guess I'll have to do more research....
Priscilla
M.C. van den Bovenkamp wrote:
>
> Duncan Maccubbin wrote:
>
> > I was on a conference call with Cisco and the Cisco rep felt
> we were
> > overreacting by rushing to change our code right away, He
> said that the
> > packet was extremely difficult to create and the person would
> have to be a
> > "genius" to make it.
>
> As we don't know exactly *what* you need to do, it's difficult to say
> whether he's right or not. But my gut says he's wrong; as soon
> as you
> *do* know, there are 'packetfactory'-tools enough about...
>
> Regards,
>
> Marco.
This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:43 GMT-3