Re: CatOS security advisory: are we affected?

Discussion in 'Cisco' started by sPiDEr, Jul 10, 2003.

  1. sPiDEr

    sPiDEr Guest

    To test whether your switches are affected, launch more than 8 TCP
    connection to each switch.

    If both switches are affected and you do no wish to upgrade, ACL should
    limit the exposure of TCP connections from illegitimate source.

    sPiDEr.

    "Indra Pramana" <> wrote in message
    news:...
    > Dear all,
    >
    > Just read Cisco's security advisory on denial-of-service of TCP based
    > services in CatOS at this URL:
    >
    > http://www.cisco.com/warp/public/707/cisco-sa-20030709-swtcp.shtml
    >
    > It provides the software version and fixes for train 5.5, 6.3, 6.4,
    > 7.2, 7.4, 8.1.
    >
    > We have two very old Catalyst 5509 switches with CatOS 5.1(2a) and
    > 5.2(1) respectively. Are we vulnerable and how to get the software fix
    > since it's not on the list?
    >
    > Thanks in advance.
    sPiDEr, Jul 10, 2003
    #1
    1. Advertising

  2. In article <3f0d7d37$>,
    sPiDEr <spider@bgp5_.net_REMOVE_> wrote:
    :To test whether your switches are affected, launch more than 8 TCP
    :connection to each switch.

    That is not right. The problem occurs

    After receiving eight TCP connection attempts using a
    non-standard TCP flags combination


    --
    vi -- think of it as practice for the ROGUE Olympics!
    Walter Roberson, Jul 10, 2003
    #2
    1. Advertising

  3. sPiDEr

    sPiDEr Guest

    Yes using invalid combination of TCP flags is a popular way to secretly scan
    hosts for open ports. Use nmap or some stealth scanning tools should be able
    to test whether the product is affected.


    sPiDEr.

    "Walter Roberson" <-cnrc.gc.ca> wrote in message
    news:bek5m4$5hj$...
    > In article <3f0d7d37$>,
    > sPiDEr <spider@bgp5_.net_REMOVE_> wrote:
    > :To test whether your switches are affected, launch more than 8 TCP
    > :connection to each switch.
    >
    > That is not right. The problem occurs
    >
    > After receiving eight TCP connection attempts using a
    > non-standard TCP flags combination
    >
    >
    > --
    > vi -- think of it as practice for the ROGUE Olympics!
    sPiDEr, Jul 11, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Bill Gates...not!  Email w/o whitelist in the subj

    MISSING Cisco Security Advisory: IPv6 Crafted Packet Vulnerability

    Bill Gates...not! Email w/o whitelist in the subj, Aug 1, 2005, in forum: Cisco
    Replies:
    1
    Views:
    430
    Martin Bilgrav
    Aug 1, 2005
  2. you know who maybe
    Replies:
    3
    Views:
    2,270
    you know who maybe
    Nov 23, 2005
  3. Pete Finnigan

    Oracle security advisory 67 is released

    Pete Finnigan, Jun 13, 2004, in forum: Computer Security
    Replies:
    3
    Views:
    532
    Leythos
    Jun 14, 2004
  4. winged
    Replies:
    1
    Views:
    867
    winged
    Mar 2, 2005
  5. Winged

    Microsoft Security Advisory (892313)

    Winged, May 26, 2005, in forum: Computer Security
    Replies:
    1
    Views:
    370
    Michael Pelletier
    May 26, 2005
Loading...

Share This Page