Interesting....
"A problem in the Cisco Hot Standby Routing Protocol (HSRP) makes it
possible to deny service to users of network resources. By eavesdropping on
HSRP management messages sent over the network, it is possible to create a
spoofed message that will reroute all network traffic to a particular
system. By doing so, it is possible to prevent traffic from entering or
leaving that network."
I guess I'm dense. The DOS does what? Makes it possible to advertise a false
destination as the active HSRP address ?
"This problem makes it possible for system local to the network to deny
service to legitimate users of that network segment."
In other words, your enemy is someone on the inside. Which is where 80% of
any network's vulnerabilities occur!
Chuck
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andy
Low
Sent: Monday, May 07, 2001 8:20 PM
To: [EMAIL PROTECTED]
Subject: Cisco HSRP Denial of Service Vulnerability [7:3534]
Hi TAC,
Anyone know of any solutions to the HSRP exploits?
http://www.securityfocus.com/bid/2684
-andy-
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3539&t=3534
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
