-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If you're using NHRP and haven't patched, it might be a good idea to do so real soon now. A proof of concept exploit is now avialable which can crash a router configured with NHRP authentication enabled: http://www.milw0rm.com/exploits/4272 Cisco security advisory from yesterday: http://www.cisco.com/en/US/products/products_security_advisory09186a0080899 63b.shtml FYI, - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.2 (Build 2014) wj8DBQFGu1BKq1pz9mNUZTMRAglTAKCEGkQG0pZIn8OAZUPTv3mgFcJxgACg/5qt AIreKsDjLlFGJNSOthmhinU= =ZbWR -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
On Thu, 9 Aug 2007, Paul Ferguson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
If you're using NHRP and haven't patched, it might be a good idea to do so real soon now.
A proof of concept exploit is now avialable which can crash a router configured with NHRP authentication enabled:
http://www.milw0rm.com/exploits/4272
Cisco security advisory from yesterday:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080899 63b.shtml
FYI,
I guess we won't know if some of these are remote code execution until we have another Michael Lynn. Gadi.
participants (2)
-
Gadi Evron
-
Paul Ferguson