[SECURITY-L] SANS Flash Report: Exploit In-The-Wild for Cisco Vulnerability

Seg Jul 21 09:25:41 -03 2003

----- Forwarded message from The SANS Institute <sans em sans.org> -----

From: The SANS Institute <sans em sans.org>
Subject: SANS Flash Report: Exploit In-The-Wild for Cisco Vulnerability
To: Daniela Silva (SD312664) <daniela em ccuec.unicamp.br>
Date: Fri, 18 Jul 2003 12:04:55 -0600 (MDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SANS Flash Report: Exploit In-The-Wild for Cisco Vulnerability
July 18, 2000, 7:20 am, EDT

By now you have heard about the vulnerability in Cisco routers that
makes attacks easy.  This morning, the Department of Homeland Security
was informed that an exploit for this vulnerability has been seen in
the wild. So, in coordination with the Department's outreach effort, SANS
is sending this Flash Report to encourage you to use the new work
around, published yesterday by Cisco, or to patch your Cisco IOS
routers.

The vulnerability affects all Cisco devices running IOS and configured
to process Internet Protocol Version 4 (IPv4) packets.  That means
nearly every site.

DHS and CERT/CC published a brief advisory 

http://www.cert.org/advisories/CA-2003-15.html

Cisco published (and updated yesterday) a much more detailed advisory
telling you exactly what to do for your device.

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

Also, if your systems are impacted by attacks using this vulnerability,
please let us know (as soon as your connectivity is restored), so we
can keep track of the damage.

Alan Paller
Director of Research
The SANS Institute

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)

iD8DBQE/GAoM+LUG5KFpTkYRAqA4AKCeYdq8ElWTK4wx5j1kG+CV7QQJGwCghAlC
gqDJ0kIY0Ua324JFFjiRZNc=
=Qt9S
-----END PGP SIGNATURE-----

----- End forwarded message -----