Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Cisco IOS DHCP vulnerability; Rumours about vulnerabilities in Win XP SP2 - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco IOS DHCP vulnerability; Rumours about vulnerabilities in Win XP SP2
Cisco IOS DHCP DoS vulnerability

Cisco IOS version 12.2S is found to be vulnerable to a DoS attack when DHCP server or relay agent is enabled. Cisco has a fix ready (see link below). There are also many workarounds for this vulnerability, such as disabling the DHCP service (no service dhcp), using QoS or using ACL to block potential attack. Please refer to the URL below for details.

http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml



Rumours about Windows SP2 vulnerabilities

Finjan software announced that they have found 10 vulnerabilities in Windows XP SP2 and they have notified Microsoft about these vulnerabilities.

If these claims are true, we might have to do a lot of patching on XP machines soon.

http://www.vnunet.com/news/1159322

http://www.winnetmag.com/Article/ArticleID/44502/44502.html




--------------------------------

Handler on Duty

Jason Lam Email: jason /at/ networksec.org
Jason

93 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!