lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20030724203004.60F846930@mdev.river.com>
From: rdump at river.com (Richard Johnson)
Subject: Re: Cisco IOS Denial of Service  that affects most Cisco IOS routers- requires power cycle to recover

In article 
<1059029372.1180.7.camel@...ndil.intranet.cartel-securite.net>,
 Cedric Blancher <blancher@...tel-securite.fr> wrote:

> I checked this and it appears packets have to be addressed to target
> router. Transit evil packets which TTL would expire on a router won't
> affect it.


Our networking guys say that TTL expiry inbound or outbound from a 
vulnerable router may only cause queue fillup when using PIM packets.  
(I'd test directly before posting, but multicast is enabled on all our 
Ciscos.)

If no-one can confirm a failure en passant, then I'd say directly 
addressing the router's IP is required.


Richard

-- 
My mailbox. My property. My personal space. My rules. Deal with it.
                        http://www.river.com/users/share/cluetrain/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ