Home page logo

bugtraq logo Bugtraq mailing list archives

Re: CISCO as5350 crashes with nmap connect scan
From: Wendy Garvin <wgarvin () cisco com>
Date: Tue, 29 Oct 2002 14:31:38 -0800

Hash: SHA1

I appreciate your communication with Cisco PSIRT on September 9th regarding
questions on a 5350. Your original problem was due to a misconfiguration,
and appropriate configuration details were provided within a day of your
request. No crash was mentioned to us.

This evening I have worked in the lab on both a 5300 and a 5350 running
12.2(11)T. I have run nmap as you suggested with a slight change, there is
no -d option, I assume you meant -Tinsane.  I have been unable to reproduce
your results. 

Cisco takes vulnerabilities with our devices very seriously, and if you can
show us how to reproduce this problem, we'd be very interested in fixing it.
Please contact us with detailed version information and any specifics on
your setup, and we'd be happy to continue working with you.

As always, the appropriate way to contact us is by emailing psirt () cisco com 
For technical assistance and configuration issues, please contact
tac () cisco com 

Thank you, 
- -Wendy 

- -- 
Wendy Garvin - Cisco PSIRT - 408 525-1888 CCIE# 6526
- ----------------------------------------------------

Thomas Munn <munn () bigfoot com> [2002-10-28 14:52] wrote:

I have managed to "reduplicate" at least five times the
following scenario with a cisco as5250, with firmwrare
12.2 (11t) release firmware of cisco:

nmap -dinsane -p 1-65535 ip.of.as5350 This causes a
"hard" lockup, and the device must be powered off in
order to have functionality restored to it.

Mentioned to PSIRT at cisco, they didn't do anything.


Thomas J. Munn

[    ----- End of Included Message -----    ]

Version: PGP 6.5.2


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]