Cisco Systems Product Security Incident Response Team <[EMAIL PROTECTED]> writes: >Exploitation and Public Announcements > ------------------------------------ > >The Cisco PSIRT is not aware of any public announcements or malicious use >of the vulnerabilities described in this advisory. These vulnerabilities >were discovered by a Security Consulting firm during a customer security >audit. Contrary to the above statement there is at least one other public announcement on this issue. @stake has published an advisory with the details of our Arrowpoint research at: http://www.atstake.com/research/advisories/2001/index.html#013101-1 Cisco was very responsive on this issue, even making an Arrowpoint device available for us to continue our testing. -weld