possible exploit.. (Cisco Issue)

Len_Rose1 · July 18, 2003, 6:39am

This was posted a while ago.

http://lists.netsys.com/pipermail/full-disclosure/2003-July/011421.html
http://lists.netsys.com/pipermail/full-disclosure/2003-July/011420.html

I haven't had the chance to test it in a controlled environment yet.

Len_Rose1 · July 18, 2003, 7:25am

It seems to work.

NANOG15 · July 18, 2003, 10:24am

It appears Cisco has seen the posting too. The Cisco PSIRT updated their announcement to 1.4 at 5am this morning. The sentence in the "Exploitation and Public Announcments" section is new and states that they are aware that the exploitation "has been publised on a public mailing list".
The link is the same, but the version number has changed:
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

Len Rose wrote:

Gerald · July 18, 2003, 3:43pm

Wouldn't it be nice if they would CVS-web this thing so I can just see the
lines that they have changed on each revision.

...off to read 1.5

G

Barry_Greene_bgreene · July 18, 2003, 4:13pm

The changes are all detailed at the bottom of the advisory.

Gerald · July 18, 2003, 5:52pm

*raising hand* guilty of not reading past "Distribution" after version
1.0.

Someone else pointed that out off list.

Thanks,

Gerald