Reprint of SANS Flash Report

SANS Flash Report: Exploit In-The-Wild for Cisco Vulnerability July 18, 2000, 7:20 am, EDT

By now you have heard about the vulnerability in Cisco routers that makes attacks easy. This morning, the Department of Homeland Security was informed that an exploit for this vulnerability has been seen in the wild. So, in coordination with the Department's outreach effort, SANS is sending this Flash Report to encourage you to use the new work around, published yesterday by Cisco, or to patch your Cisco IOS routers.

The vulnerability affects all Cisco devices running IOS and configured to process Internet Protocol Version 4 (IPv4) packets. That means nearly every site.

DHS and CERT/CC published a brief advisory

http://www.cert.org/advisories/CA-2003-15.html

Cisco published (and updated yesterday) a much more detailed advisory telling you exactly what to do for your device.

http://www.cisco.com/warp/public/707...-blocked.shtml

Also, if your systems are impacted by attacks using this vulnerability, please let us know (as soon as your connectivity is restored), so we can keep track of the damage.

Alan Paller
Director of Research
The SANS Institute

Reprint of SANS Flash Report - Cisco