lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1058386448.7742.45.camel@localhost>
From: chris at neitzert.com (christopher neitzert)
Subject: rumours of new Cisco IOS vulnerability

Details about the vulnerability here:
http://www.cisco.com/warp/public/707/cisco-sa-20030709-swtcp.shtml


Summary
After receiving eight TCP connection attempts using a non-standard TCP
flags combination, a Catalyst switch will stop responding to further TCP
connections to that particular service. In order to re-establish
functionality of that service, the switch must be rebooted. There is no
workaround. This vulnerability affects only CatOS. No other Cisco
products are affected.

This advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20030709-swtcp.shtml. 


Affected Products
The CatOS for the following Catalyst models are affected: 

      * Catalyst 4000 Series including models 2948G and 2980G/2980G-A 
        
      * Catalyst 5000 Series including models 2901, 2902 and 2926 
        
      * Catalyst 6000 
        
No other Cisco products are affected. 


On Wed, 2003-07-16 at 18:12, asi wrote:
> I've heard it only effects routers using BGP, but it's only rumours
> 
> 
> On Wed, 16 Jul 2003, Len Rose wrote:
> 
> > 
> > They've been discussing the existence of
> > a new Cisco IOS attack on the NANOG mailing
> > list (see http://www.merit.edu/mail.archives/nanog/ for
> > details)
> > 
> > According to what I've been reading it's a remotely
> > exploitable denial of service situation, based on
> > specially crafted packets designed to fill up the
> > "process switched" input queues on an interface.
> > 
> > It seemingly will cause the router to crash or
> > reboot.
> > 
> > I have no further details.
> > 
> > Len
> > 
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
-- 
Christopher Neitzert http://www.neitzert.com/~chris
 chris@...tzert.com - GPG Key ID: 7DCC491B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030716/1beddf5f/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ