[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1309640548.20100702125913@Zoller.lu>
Date: Fri, 2 Jul 2010 12:59:13 +0200
From: Thierry Zoller <Thierry@...ler.lu>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Should nmap cause a DoS on cisco routers?
Slippery Slopes everywhere :
DR> Again, causing the RP CPU to go to 100% due to punted
DR> management-plane traffic isn't a new phenomenon
1. Nobody claimed it to be a new phenomenon
2. He is not saturating anything.
DR> Of course PSIRT will ask for details, as they should; my point is
DR> that there's likely nothing new to see here,
Oh that's the point now? I thought your point was that it is not a security "bug".
I agree on the "nothing new" here, "new" however is not a relevant attribute to
decide on whether it is a vulnerability or not.
DR> Even if there is something new, here - which I doubt - it's
DR> important that folks understand that there are BCPs they can
We heard your BCPs and XZY clearly, doesn't make it less of a
vulnerability.
DR> The original poster asked if this were a configuration issue -
DR> and the answer is, yes
Interesting, how do you know ?
1. you do not know what caused the problem
2. you do obviously do not know what packets caused the problems
If it is a default configuration and you can remotely cause a
denial of service condition : it is a vulnerability.
If it is a non standard configuration and you can remotely cause a
denial of service condition : it is a vulnerability.
DR> vulnerabilities - as opposed to merely saturating the RP of a
DR> given network device with management-plane traffic. Some of them
Last time : He appears to not be saturating anything. nmap -sV does
surely not create saturisation...
DR> And many of them could be mitigated via BCPs until such time as
DR> fixed code could be deployed, as well.
There it is again, BCP. Is this the new "IDS" ?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists