This was posted a while ago. http://lists.netsys.com/pipermail/full-disclosure/2003-July/011421.html http://lists.netsys.com/pipermail/full-disclosure/2003-July/011420.html I haven't had the chance to test it in a controlled environment yet.
It seems to work. On Fri, Jul 18, 2003 at 02:39:18AM -0400, Len Rose wrote:
This was posted a while ago.
http://lists.netsys.com/pipermail/full-disclosure/2003-July/011421.html http://lists.netsys.com/pipermail/full-disclosure/2003-July/011420.html
I haven't had the chance to test it in a controlled environment yet.
It appears Cisco has seen the posting too. The Cisco PSIRT updated their announcement to 1.4 at 5am this morning. The sentence in the "Exploitation and Public Announcments" section is new and states that they are aware that the exploitation "has been publised on a public mailing list". The link is the same, but the version number has changed: http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml Len Rose wrote:
It seems to work.
On Fri, Jul 18, 2003 at 02:39:18AM -0400, Len Rose wrote:
This was posted a while ago.
http://lists.netsys.com/pipermail/full-disclosure/2003-July/011421.html http://lists.netsys.com/pipermail/full-disclosure/2003-July/011420.html
I haven't had the chance to test it in a controlled environment yet.
Wouldn't it be nice if they would CVS-web this thing so I can just see the lines that they have changed on each revision. :-) ...off to read 1.5 G On Fri, 18 Jul 2003, NANOG wrote:
It appears Cisco has seen the posting too. The Cisco PSIRT updated their announcement to 1.4 at 5am this morning. The sentence in the "Exploitation and Public Announcments" section is new and states that they are aware that the exploitation "has been publised on a public mailing list". The link is the same, but the version number has changed: http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Len Rose wrote:
It seems to work.
On Fri, Jul 18, 2003 at 02:39:18AM -0400, Len Rose wrote:
This was posted a while ago.
http://lists.netsys.com/pipermail/full-disclosure/2003-July/011421.html http://lists.netsys.com/pipermail/full-disclosure/2003-July/011420.html
I haven't had the chance to test it in a controlled environment yet.
The changes are all detailed at the bottom of the advisory.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Gerald Sent: Friday, July 18, 2003 8:43 AM To: nanog@merit.edu Subject: Re: possible exploit.. (Cisco Issue)
Wouldn't it be nice if they would CVS-web this thing so I can just see the lines that they have changed on each revision. :-)
...off to read 1.5
G
On Fri, 18 Jul 2003, NANOG wrote:
It appears Cisco has seen the posting too. The Cisco PSIRT updated their announcement to 1.4 at 5am this morning. The sentence in the "Exploitation and Public Announcments" section is new and states that they are aware that the exploitation "has been publised on a public mailing list". The link is the same, but the version number has changed: http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Len Rose wrote:
It seems to work.
On Fri, Jul 18, 2003 at 02:39:18AM -0400, Len Rose wrote:
This was posted a while ago.
July/011421.html
http://lists.netsys.com/pipermail/full-disclosure/2003- July/011420.html
I haven't had the chance to test it in a controlled environment yet.
*raising hand* guilty of not reading past "Distribution" after version 1.0. Someone else pointed that out off list. Thanks, Gerald On Fri, 18 Jul 2003, Barry Raveendran Greene wrote:
The changes are all detailed at the bottom of the advisory.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Gerald Sent: Friday, July 18, 2003 8:43 AM To: nanog@merit.edu Subject: Re: possible exploit.. (Cisco Issue)
Wouldn't it be nice if they would CVS-web this thing so I can just see the lines that they have changed on each revision. :-)
...off to read 1.5
G
On Fri, 18 Jul 2003, NANOG wrote:
It appears Cisco has seen the posting too. The Cisco PSIRT updated their announcement to 1.4 at 5am this morning. The sentence in the "Exploitation and Public Announcments" section is new and states that they are aware that the exploitation "has been publised on a public mailing list". The link is the same, but the version number has changed: http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Len Rose wrote:
It seems to work.
On Fri, Jul 18, 2003 at 02:39:18AM -0400, Len Rose wrote:
This was posted a while ago.
July/011421.html
http://lists.netsys.com/pipermail/full-disclosure/2003- July/011420.html
I haven't had the chance to test it in a controlled environment yet.
participants (4)
-
Barry Raveendran Greene -
Gerald -
Len Rose -
NANOG