[unisog] Cisco Vulnerability Foundstone Security Briefing - 18 July

Jordan Wiens jwiens at nersp.nerdc.ufl.edu
Fri Jul 18 13:24:50 GMT 2003


That is, unfortunately, not true.

http://marc.theaimsgroup.com/?l=full-disclosure&m=105851286623625&w=2

-- 
Jordan Wiens
UF Network Incident Response Team
(352)392-2061

On Thu, 17 Jul 2003, Anderson Johnston wrote:

>
> I just had time to sign up for this before it started.  It's being
> replayed tomorrow at 11am Eastern.  There's a little more info here and it
> gives you a chance at Q&A.
>
>
> As of now, no one outside of Cisco is believed to have the exploit.
>
> 					Good Luck,
> 						- Andy
>
> ------------------------------------------------------------------------------
> ** Andy Johnston (andy at umbc.edu)          *            pager: 410-678-8949  **
> ** Manager of IT Security                 * PGP key:(afj2002) 4096/8448B056 **
> ** Office of Information Technology, UMBC *   4A B4 96 64 D9 B6 EF E3 21 9A **
> ** 410-455-2583 (v)/410-455-1065 (f)      *   46 1A 37 11 F5 6C 84 48 B0 56 **
> ------------------------------------------------------------------------------
>
> ---------- Forwarded message ----------
> Date: Thu, 17 Jul 2003 13:30:54 -0700
> From: Foundstone News <news at foundstone.com>
> To: Andy <andy at umbc.edu>
> Subject: Cisco Vulnerability Foundstone Security Briefing Today
>
> Foundstone Security Briefings:
> Cisco IPv4 Remote Denial of Service Vulnerability
>
> Date: Today, Thursday, July 17, 2003
> Time: 5:30 PM Eastern, 2:30 PM Pacific
>
> Date: Tomorrow, Friday, July 18, 2003
> Time: 11:00 AM Eastern, 8:00 AM Pacific
>
> You’re invited to a Special Web Seminar today covering this critical
> vulnerability. If you cannot attend today’s briefing please see
> instructions below to register for a follow up Web Seminar tomorrow.
>
> Cisco today announced a serious vulnerability for all Cisco devices that
> implement and are configured to process Internet Protocol version 4 (IPv4)
> packets. Foundstone Labs, first to respond to this serious risk, is
> offering this Security Briefing as part of a coordinated effort designed
> to protect current customers and other organizations.
>
> This vulnerability should be considered extremely critical due to the
> impact and ease-of-exploitation. Devices are vulnerable to a Denial of
> Service (DoS) attack and although no known exploit has been yet
> identified, a complex purposely malicious sequence of IPv4 packets
> targeted to a vulnerable Cisco switch or router can cause the processing
> interface to stop processing traffic. This vulnerability can be executed
> by remote unauthenticated users with mere knowledge of at least one
> interface IP address.
>
> Web Seminar Outline
>
> Introduction
> Overview of Cisco IOS Issues
> Analysis of the Cisco IOS Vulnerability
> Understanding the Impact
> Protection Mechanisms
> Questions and Answers
>
> Presenters
>
> Matt Ploessel - Foundstone Labs
> Tony Change - VP Engineering
> Brian Kenyon - Director of Product Services
>
> TO ATTEND TODAY'S WEB SEMINAR
>
> 1. Click the following Meeting URL or enter it in your browser:
>
> http://www.placeware.com/cc/encounter/A?id=07172003&pw=798380
>
> Or alternatively, use the following URL:
>
> http://www.placeware.com/cc/encounter
>
> 2. On the "Enter Meeting" page that appears, supply this information if requested:
>
> Your Name: (enter your name)
> Meeting ID: 07172003
> Meeting Key: 798380
> Conference Center Name: encounter
>
> and then click the ENTER button at the bottom of the page.
>
> 3. Access audio for the meeting based on the following:
>
> If inside the US or Canada dial 1-800-223-9488
> If outside the US or Canada dial 1-785-832-1508
> Conference ID: Foundstone
>
>
> TO REGISTER FOR TOMORROW'S WEB SEMINAR
>
> Click the following URL or enter it in your browser:
>
> http://www.globalknowledge.com/training/course.asp?pageid=10&courseid=8157&catid=248
>
> ++++++++++++++
>
> Foundstone® Inc., experts in strategic security, offers a unique
> combination of software, services, and education to help organizations
> continuously and measurably protect the most important assets from the
> most critical threats. Through a strategic approach to security,
> Foundstone identifies and implements the right balance of technology,
> people, and process to manage digital risk and leverage security
> investments more effectively.
>
> ++++++++++++++
>
> If you wish to be excluded from future announcements, simply reply to this e-mail with the single word REMOVE in the SUBJECT LINE.
>



More information about the unisog mailing list