(c/o Anonymous) Anyone remember the big squabble at cansecwest with respect to TCP Windows sizes and Cisco routers/etc. Everyone seemed to think it would be the end of the world, for example attackers bouncing BGP sessions between core routers repeatedly thus causing the "end of the Internet" (well for at least a few days) and so on. The Cisco damage control was impressive, on average if you phoned PSIRT you would get a call back in under an hour inviting you to chat with some of the senior Cisco guys at the conference in one of the hotel bars.
And after all that stink.... as far as I can remember a whole lot of nothing happened. Which I suspect is what will happen with this vulnerability. I feel truly sorry for companies such as Cisco, living in litigous times, and now with the whole "post 9-11 world" (not sure what that means but I hear it at least once a day from the media whenever security or technology comes up so it must be true) they have to behave rather neurotically. If they don't someone will probably sue them for not "thinking of the children". You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.
