RE: Code red II crashes cisco 678

From: Johnson, Michael (Michael.Johnsonat_private)
Date: Mon Aug 06 2001 - 10:44:10 PDT


    Verified on a 677 also.
    
    -----Original Message-----
    From: Vladimir Kraljevic [mailto:vladimir_kraljevicat_private]
    Sent: Monday, August 06, 2001 11:55 AM
    To: VULN-DEVat_private
    Cc: 'Geo.'
    Subject: RE: Code red II crashes cisco 678
    
    
    I've had problems with Cisco 677 (please search for
    20000814172811.28516.qmailat_private).
    
    It was possible to smash the router (only power off helped) by issuing ICMP
    echo with record route flag set (succeeded even with Win32 ping from command
    line). Problem appeared after several echo requests of that type, not
    immediately (try ping -t -r 8 <some.non.local.ip.address> and wait 2-3
    minutes at most). However, I was not able (not enough time, as usual) to try
    to craft fake ICMP response with recorded routes inside (maybe this allows
    a DoS against complete families of Cisco 6xx routers).
    
    Maybe related.
    
    Vladimir
    
    
    > -----Original Message-----
    > From: Geo. [mailto:georgerat_private]
    > Sent: Monday, August 06, 2001 4:43
    > To: Russ; VULN-DEVat_private; NTBUGTRAQat_private;
    > Discussion regarding Windows-related security vulnerabilities and
    > risks.; Marc Maiffret; securityat_private
    > Subject: Code red II crashes cisco 678
    >
    >
    > All day I've had customers calling with cisco 678 routers running cbos 2.4.2
    > with the web interface disabled. Seems their routers have been crashing.
    >
    > We traced this back to the code red worm. For some reason even with web
    > disabled on these routers port 80 remains open. Simply running a port scan
    > and cutting off the connection is enough to crash the router. Locks up
    > solid.
    >
    > I also found a solution, by doing a
    >
    > set web remote ipaddress
    >
    > where ipaddress is one of their internal IPs you can prevent outside
    > addresses from being able to crash the router.
    >
    > Just a heads up guys, if you are seeing 678s crashing, give it a try, it's
    > working here.
    >
    > Geo.
    
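    The 677 report above describes ICMP echo requests carrying the IP record-route option. The following is an added example, not code from anyone in this thread: a small parser that walks the IPv4 option list of a captured packet and flags echo requests that carry a record-route option, so an operator reviewing a capture in front of a 6xx router can see whether such probes are arriving. The packet bytes are constructed inline (documentation addresses, no checksums) purely to exercise the parser; nothing is sent.

    ```python
    import struct
    from typing import List, Optional, Tuple

    IPPROTO_ICMP = 1
    IPOPT_EOL, IPOPT_NOP, IPOPT_RR = 0, 1, 7   # record route is IP option type 7
    ICMP_ECHO_REQUEST = 8

    def ipv4_options(packet: bytes) -> List[Tuple[int, bytes]]:
        """Return (type, data) pairs for every option in the IPv4 header."""
        ihl = (packet[0] & 0x0F) * 4
        opts, i, out = packet[20:ihl], 0, []
        while i < len(opts):
            kind = opts[i]
            if kind == IPOPT_EOL:
                break
            if kind == IPOPT_NOP:            # single-byte option, no length field
                i += 1
                continue
            length = opts[i + 1]
            if length < 2 or i + length > len(opts):
                raise ValueError("malformed IP option list")   # refuse to walk past the header
            out.append((kind, opts[i + 2:i + length]))
            i += length
        return out

    def echo_with_record_route(packet: bytes) -> Optional[int]:
        """If packet is an ICMP echo request with a record-route option, return the
        number of 4-byte address slots it asks the path to fill; otherwise None."""
        if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != IPPROTO_ICMP:
            return None
        ihl = (packet[0] & 0x0F) * 4
        if len(packet) < ihl + 8 or packet[ihl] != ICMP_ECHO_REQUEST:
            return None
        for kind, data in ipv4_options(packet):
            if kind == IPOPT_RR:
                return (len(data) - 1) // 4   # data = 1-byte pointer + 4-byte slots
        return None

    def build_sample_echo_request(slots: int) -> bytes:
        """Constructed test packet: IPv4 + ICMP echo; slots > 0 adds a record-route option
        with that many empty slots (Windows 'ping -r 8' asks for 8)."""
        rr = b""
        if slots:
            rr = bytes([IPOPT_RR, 3 + 4 * slots, 4]) + b"\x00" * (4 * slots)
            rr += b"\x00" * (-len(rr) % 4)   # pad options to a 32-bit boundary
        ihl = 5 + len(rr) // 4
        header = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, 20 + len(rr) + 8, 0, 0, 64,
                             IPPROTO_ICMP, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 1]))
        return header + rr + struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, 1, 1)
    ```

    A plain echo request (no options) parses to None; one built with eight slots reports 8, matching the "-r 8" case in the report.
    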



    This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 10:55:42 PDT