RE: Cisco vulnerability on smaller catalyst switches
As part of our vulnerability tests, we have been unable to confirm
that
the smaller catalyst switches running IOS but without L3 capability are vulnerable. They don't seem to react in a negative way to the same attacks that lock up the other devices we have tested. Has anyone else been able to verify this one way or the other?
I tested Catalyst 2924-XL-EN with 12.0(5)WC5a and I found that without L3 capability it does not seem to be affected. But with L3 connectivity, if you direct the attack at the VLAN1 interface it is definitely susceptible. I've tested 12.0(5)WC8 and it has the fix. --steve
I tested Catalyst 2924-XL-EN with 12.0(5)WC5a and I found that without L3 capability it does not seem to be affected. But with L3 connectivity, if you direct the attack at the VLAN1 interface it is definitely susceptible.
I believe directing the attack to VLAN1 should just kill the remote managmeent and won't effect switching capability. Can anyone confirm? -hc -- Sincerely, Haesu C. TowardEX Technologies, Inc. WWW: http://www.towardex.com E-mail: haesu@towardex.com Cell: (978) 394-2867
I've tested 12.0(5)WC8 and it has the fix.
--steve
participants (2)
-
Haesu -
Steve Rude