As part of our vulnerability tests, we have been unable to confirm that the
smaller catalyst switches running IOS but without L3 capability are
vulnerable. They don't seem to react in a negative way to the same attacks
that lock up the other devices we have tested. Has anyone else been able to
verify this one way or the other?
My testing with the exploit I initially created has no effect on L2 only
catalysts, like 2924XL or so. I haven�t been able to figure out the
right sequence if any to accomplish that. No effect even on the management
interface.
Pete