Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
588
Views
0
Helpful
6
Replies

IOS Vulnerability

Go to solution
avilt
Level 3
Level 3

‎01-24-2007 06:26 PM - edited ‎03-09-2019 05:16 PM

Is the following IOS version vulnerable to below security cavet?

http://www.cisco.com/warp/public/707/cisco-sa-20070124-crafted-ip-option.shtml

IOS (tm) C2600 Software (C2600-I-M), Version 12.3(9), RELEASE SOFTWARE (fc2)

The router in on internet segment running IPv4

Thank You.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
andrew.burns
Level 7
Level 7

‎01-25-2007 06:45 AM

Hi,

You're OK - the fix first appeared in 12.3(8).

HTH - plz rate if useful.

Andrew.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
andrew.burns
Level 7
Level 7

‎01-25-2007 06:45 AM

Hi,

You're OK - the fix first appeared in 12.3(8).

HTH - plz rate if useful.

Andrew.

0 Helpful

Go to solution
sspangle
Level 1
Level 1
In response to andrew.burns

‎01-25-2007 09:06 AM

I have several 7200s that may be vulnerable. What exactly would I see if the router was 'attacked'?

Thanks,

Steve

http://www.networking-forum.com

0 Helpful

Go to solution
andrew.burns
Level 7
Level 7
In response to sspangle

‎01-26-2007 05:22 AM

Hi,

I'm not aware of any exploits in the field that take advantage of this (that's not to say that there aren't any..) so it's hard to say apart from what's in the advisory. (i.e. DoS, router reloading, execution of arbitrary code..)

HTH

Andrew.

0 Helpful

Go to solution
sspangle
Level 1
Level 1
In response to andrew.burns

‎01-26-2007 05:43 AM

Andrew, thanks for the reply.

I have had 5-15 core router reboots due to ROM error over the past 2 days all with the same hex code. Since I applied the transit ACL on all my transit links last night I haven't had anymore. I fairly certain at this point, we were being affected by this exploit.

Now to upgrade 50-60 VXRs and GSRs. :)

Thanks,

Steve

http://www.networking-forum.com

0 Helpful

Go to solution
flopez
Level 1
Level 1

‎02-08-2007 04:24 PM

This link may be of some use. The advisory page.

http://www.cisco.com/en/US/products/products_security_advisories_listing.html#advisory

0 Helpful

Go to solution
avilt
Level 3
Level 3
In response to flopez

‎02-08-2007 05:16 PM

All problem fix version is 12.3(19)

This will fix all the three vulnerabilities.

Verison 12.3(9) is not vulnerable to Crafted IP Option Vulnerability but its vulnerable to other 2.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents