<OT>SANS Flash Report: Exploit In-The-Wild for Cisco Vulnerability

[The SANS Institute]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SANS Flash Report: Exploit In-The-Wild for Cisco Vulnerability
July 18, 2000, 7:20 am, EDT

By now you have heard about the vulnerability in Cisco routers that
makes attacks easy.  This morning, the Department of Homeland Security
was informed that an exploit for this vulnerability has been seen in
the wild. So, in coordination with the Department's outreach effort, SANS
is sending this Flash Report to encourage you to use the new work
around, published yesterday by Cisco, or to patch your Cisco IOS
routers.

The vulnerability affects all Cisco devices running IOS and configured
to process Internet Protocol Version 4 (IPv4) packets.  That means
nearly every site.

DHS and CERT/CC published a brief advisory

http://www.cert.org/advisories/CA-2003-15.html

Cisco published (and updated yesterday) a much more detailed advisory
telling you exactly what to do for your device.

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

Also, if your systems are impacted by attacks using this vulnerability,
please let us know (as soon as your connectivity is restored), so we
can keep track of the damage.

Alan Paller
Director of Research
The SANS Institute

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)

iD8DBQE/GAoM+LUG5KFpTkYRAqA4AKCeYdq8ElWTK4wx5j1kG+CV7QQJGwCghAlC
gqDJ0kIY0Ua324JFFjiRZNc=
=Qt9S
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/GDeh2MO5UukaubkRAk2XAJ9z4nLnMGoapGNYnb868f8rC7hN6wCgl2jw
GlszRriJagPGMJY/J85fGXQ=
=G6ul
-----END PGP SIGNATURE-----