Cisco Vulnerability Foundstone Security Briefing - 18 July

Anderson Johnston andy at umbc.edu
Thu Jul 17 22:13:41 GMT 2003


I just had time to sign up for this before it started.  It's being
replayed tomorrow at 11am Eastern.  There's a little more info here and it
gives you a chance at Q&A.


As of now, no one outside of Cisco is believed to have the exploit.

=09=09=09=09=09Good Luck,
=09=09=09=09=09=09- Andy

---------------------------------------------------------------------------=
---
** Andy Johnston (andy at umbc.edu)          *            pager: 410-678-8949 =
 **
** Manager of IT Security                 * PGP key:(afj2002) 4096/8448B056=
 **
** Office of Information Technology, UMBC *   4A B4 96 64 D9 B6 EF E3 21 9A=
 **
** 410-455-2583 (v)/410-455-1065 (f)      *   46 1A 37 11 F5 6C 84 48 B0 56=
 **
---------------------------------------------------------------------------=
---

---------- Forwarded message ----------
Date: Thu, 17 Jul 2003 13:30:54 -0700
From: Foundstone News <news at foundstone.com>
To: Andy <andy at umbc.edu>
Subject: Cisco Vulnerability Foundstone Security Briefing Today

Foundstone Security Briefings:
Cisco IPv4 Remote Denial of Service Vulnerability

Date: Today, Thursday, July 17, 2003
Time: 5:30 PM Eastern, 2:30 PM Pacific

Date: Tomorrow, Friday, July 18, 2003
Time: 11:00 AM Eastern, 8:00 AM Pacific

You=92re invited to a Special Web Seminar today covering this critical
vulnerability. If you cannot attend today=92s briefing please see
instructions below to register for a follow up Web Seminar tomorrow.

Cisco today announced a serious vulnerability for all Cisco devices that
implement and are configured to process Internet Protocol version 4 (IPv4)
packets. Foundstone Labs, first to respond to this serious risk, is
offering this Security Briefing as part of a coordinated effort designed
to protect current customers and other organizations.

This vulnerability should be considered extremely critical due to the
impact and ease-of-exploitation. Devices are vulnerable to a Denial of
Service (DoS) attack and although no known exploit has been yet
identified, a complex purposely malicious sequence of IPv4 packets
targeted to a vulnerable Cisco switch or router can cause the processing
interface to stop processing traffic. This vulnerability can be executed
by remote unauthenticated users with mere knowledge of at least one
interface IP address.

Web Seminar Outline

Introduction
Overview of Cisco IOS Issues
Analysis of the Cisco IOS Vulnerability
Understanding the Impact
Protection Mechanisms
Questions and Answers

Presenters

Matt Ploessel - Foundstone Labs
Tony Change - VP Engineering
Brian Kenyon - Director of Product Services

TO ATTEND TODAY'S WEB SEMINAR

1. Click the following Meeting URL or enter it in your browser:

http://www.placeware.com/cc/encounter/A?id=3D07172003&pw=3D798380

Or alternatively, use the following URL:

http://www.placeware.com/cc/encounter

2. On the "Enter Meeting" page that appears, supply this information if req=
uested:

Your Name: (enter your name)
Meeting ID: 07172003
Meeting Key: 798380
Conference Center Name: encounter

and then click the ENTER button at the bottom of the page.

3. Access audio for the meeting based on the following:

If inside the US or Canada dial 1-800-223-9488
If outside the US or Canada dial 1-785-832-1508
Conference ID: Foundstone


TO REGISTER FOR TOMORROW'S WEB SEMINAR

Click the following URL or enter it in your browser:

http://www.globalknowledge.com/training/course.asp?pageid=3D10&courseid=3D8=
157&catid=3D248

++++++++++++++

Foundstone=AE Inc., experts in strategic security, offers a unique
combination of software, services, and education to help organizations
continuously and measurably protect the most important assets from the
most critical threats. Through a strategic approach to security,
Foundstone identifies and implements the right balance of technology,
people, and process to manage digital risk and leverage security
investments more effectively.

++++++++++++++

If you wish to be excluded from future announcements, simply reply to this =
e-mail with the single word REMOVE in the SUBJECT LINE.



More information about the unisog mailing list