From: Jay Hennigan (jay@west.net)
Date: Fri Jul 18 2003 - 11:24:45 GMT-3
On Fri, 18 Jul 2003, Paul Borghese wrote:
> Hi Everyone,
>
>
>
> Global Knowledge is offering a free seminar on the new IPv4 DoS
> vulnerability. I have been allowed to invite the GroupStudy members to the
> seminar as I think some of you will find it interesting. Here is the
> complete invite:
>
>
>
> Foundstone Security Briefings:
>
> Cisco IPv4 Remote Denial of Service Vulnerability
snippage...
> This vulnerability should be considered extremely critical due to the impact
> and ease-of-exploitation. Devices are vulnerable to a Denial of Service
> (DoS) attack and although no known exploit has been yet identified, a
> complex purposely malicious sequence of IPv4 packets targeted to a
> vulnerable Cisco switch or router can cause the processing interface to stop
> processing traffic.
The above is no longer true, an exploit has been identified and publicly
posted. And the script kiddies are already rattling doorknobs, we're
seeing it hit random IPs. Time to hack out an IDS signature...
http://lists.netsys.com/pipermail/full-disclosure/2003-July/011420.html
http://lists.netsys.com/pipermail/full-disclosure/2003-July/011421.html
-- Jay Hennigan - CCIE #7880 - Network Administration - jay@west.net WestNet: Connecting you to the planet. 805 884-6323 WB6RDV NetLojix Communications, Inc. - http://www.netlojix.com/
This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:44 GMT-3