Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Catalyst C3500XL - Interface Blocked Security Advisory

The C3500XL do run IOS but are they vulnerable to the DOS attack outlined in the Cisco July 18 Security Advisory?

If so I guees the only solution is to upgrade the IOS as they do not support ACL's as required for the work around.

2 REPLIES
Cisco Employee

Re: Catalyst C3500XL - Interface Blocked Security Advisory

Yes..XLs are vulnerable. The management interface could get wedged causing to loose IP connectivity to the switch.

Re: Catalyst C3500XL - Interface Blocked Security Advisory

Wouldn't be enough to configure

access-list 101 permit tcp any any

access-list 101 permit udp any any

access-list 101 deny 53 any any

access-list 101 deny 55 any any

access-list 101 deny 77 any any

access-list 101 deny 103 any any

access-list 101 permit ip any any

interface VLANx

ip access-group 101 in

while using int VLANx as the management interface?

I've just done it on my C3548-XL running IOS 12.0(5)WC5a.

Regards,

Milan

110
Views
0
Helpful
2
Replies