Hello, This may be old news to many, but I wanted to follow-up to the message I sent last October on this subject: <http://www.merit.edu/mail.archives/nanog/2002-10/msg00519.html> We have now published information about this issue here: <http://www.kb.cert.org/vuls/id/464113> We also have a few reports of possible exploitation. If you have feedback, please send mail to cert@cert.org with VU#464113 in the subject header. Thanks to the NANOG community for prior feedback on this issue. Regards, Ian Ian Finlay Internet Systems Security Analyst - CERT/CC Operations Networked Systems Survivability Program =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= CERT (R) Coordination Center Email: cert@cert.org Software Engineering Institute WWW: http://www.cert.org Carnegie Mellon University Hotline: +1-412-268-7090 Pittsburgh, PA USA 15213-3890 FAX: +1-412-268-6989 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=