Re: Warning: Cisco RW community backdoor.
Sean Donelan writes:
Anyone with a Smartnet contract have a response from Cisco yet? I really need to get my own Smartnet number.
No need. I'll post the advisory as soon as I can get it ready. It's probably going to be another hour or two. The only reason I've paused to post this response is to ask everyone to wait for the advisory and stop experimenting. This one is really strange in the interactions with various releases, features, and hardware. The real problem is that if you try enough different combinations of config commands to shut off the problem, you'll put your ATM connections in a very poor state (that's the best way I can put it). As a side note, this is a problem with the standards. In particular, how the standards _require_ a function to be implemented. Please wait for the advisory. Thanks! Jim -- Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc. <http://www.cisco.com/warp/public/707/sec_incident_response.shtml> E-mail: <jnduncan@cisco.com> Phone(Direct/FAX): +1 919 392 6209
On Tue, Feb 27, 2001, Jim Duncan wrote:
As a side note, this is a problem with the standards. In particular, how the standards _require_ a function to be implemented.
<TONGUE LOCATION="CHEEK"> Now, if only all other standards were implemented so faithfully by all the vendors .. </TONGUE> :-) (sorry, couldn't resist.) And yes, we received a call at work from our cisco rep outlining the bug a few days ago. That was really nice of them. Well done guys. Adrian -- Adrian Chadd "The fact you can download a 100 megabyte file <adrian@creative.net.au> from half way around the world should be viewed as an accident and not a right." -- Adrian Chadd and Bill Fumerola
On Tue, Feb 27, 2001 at 09:11:31PM +0800, Adrian Chadd wrote:
On Tue, Feb 27, 2001, Jim Duncan wrote:
As a side note, this is a problem with the standards. In particular, how the standards _require_ a function to be implemented.
<TONGUE LOCATION="CHEEK"> Now, if only all other standards were implemented so faithfully by all the vendors .. </TONGUE>
:-)
(sorry, couldn't resist.)
And yes, we received a call at work from our cisco rep outlining the bug a few days ago. That was really nice of them. Well done guys.
And for those of us that don't qualify as special to cisco... http://www.cisco.com/warp/public/707/ios-snmp-ilmi-vuln-pub.shtml -- John Payne http://www.sackheads.org/jpayne/ john@sackheads.org http://www.sackheads.org/uce/ Fax: +44 870 0547954 To send me mail, use the address in the From: header
participants (3)
-
Adrian Chadd
-
Jim Duncan
-
John Payne