i have no details regarding the ios vulnerability other than what has already been stated on-list, but the IOS matrix obtained this evening and listed at http://www.0ptical.net/cisco.html shows what versions are affected, and what to upgrade to resolve the mystery issue. not sure why psirt is keeping this under wraps, since most NSPs are publicly scheduling "emergency upgrades" to fix "network problems" that arent being detailed to customers, and those same customers can and will be affected by the same problem.
thx, JT _______________________________________________ Join Excite! - http://www.excite.com The most personalized portal on the Web!
