All interested parties might want to re-review the PSIRT advisory at http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
Please make sure that you are reading the latest advisory (Version 1.3 as of this email) Frank Jimenez, CCIE #5738 Systems Engineer Cisco Systems, Inc. [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, July 17, 2003 4:54 PM To: [EMAIL PROTECTED] Subject: Re: a really big bug [7:72463] It sounds like this is a hypothetical packet and situation that Cisco quality assurance discovered. I thought it was something already being exploited, but it doesn't sound like it. In that case, I guess I support Cisco not telling us more about it. It's sort of an age-old security question of how much info to publish. The info would help the white hats, but also the black hats. Unfortunately, I can't look at bug reports (even with my guest access!?) Maybe there's more in the bug reports. I still want to know more about these packets. :-) But I guess I'll have to do more research.... Priscilla M.C. van den Bovenkamp wrote: > > Duncan Maccubbin wrote: > > > I was on a conference call with Cisco and the Cisco rep felt > we were > > overreacting by rushing to change our code right away, He > said that the > > packet was extremely difficult to create and the person would > have to be a > > "genius" to make it. > > As we don't know exactly *what* you need to do, it's difficult to say > whether he's right or not. But my gut says he's wrong; as soon > as you > *do* know, there are 'packetfactory'-tools enough about... > > Regards, > > Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72534&t=72534 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]