Hello,
This may be old news to many, but I wanted to follow-up to the message I
sent last October on this subject:
<http://www.merit.edu/mail.archives/nanog/2002-10/msg00519.html>
We have now published information about this issue here:
<http://www.kb.cert.org/vuls/id/464113>
We also have a few reports of possible exploitation.
If you have feedback, please send mail to cert@cert.org with VU#464113 in
the subject header.
Thanks to the NANOG community for prior feedback on this issue.
Regards,
Ian
Ian Finlay
Internet Systems Security Analyst - CERT/CC Operations
Networked Systems Survivability Program