Jason Frisvold writes:
Just for fun we hit an old AGS+ router with 10.2(4) code on it.. Apparently older code is vulnerable too..
You are correct. The vulnerability was introduced back in 1994 in a patch that was integrated into 10.0(6.1) and 10.2(1.6). The vuln is present in any release that follows in those same trains, such as 10.2(4) as you confirmed above, as well as in all of 10.3. All other prior versions of IOS do not contain the software that introduced the vulnerability and are probably not vulnerable, but I will not be able to confirm that by testing it.
So.. everyone running AGS+'s in the core, beware.. *grin*
The workarounds should apply, but not much else. ;-) Jim == Jim Duncan, Critical Infrastructure Assurance Group, Cisco Systems, Inc. jnduncan@cisco.com, +1 919 392 6209, http://www.cisco.com/go/ciag/. PGP: DSS 4096/1024 E09E EA55 DA28 1399 75EB D6A2 7092 9A9C 6DC3 1821