RE: MS09-048 includes fixes for TCP/IP implementation issues reported more than a year ago

b...@home.com wrote: Does anyone have a reference pointing to the original announcement on here for these vulnerabilities? I would like to research them regarding the potential continued vulnerability of XP, since MS did not provide a patch for XP products. CERT-FI was the coordinator for

Re: The Trivial Cisco IP Phones Compromise

received from the author and his willingness to discuss the issue with us. We are unaware of any confirmed incidents of malicious exploitation of the issues in the author's paper and ask that any such exploitation be reported to the Cisco PSIRT, [EMAIL PROTECTED], as soon as possible. == Jim Duncan

Re: Cisco TFTPD 1.1 Vulerablity

as possible. Regardless of the path the report took to get to us, we appreciate the time and effort that goes into such reporting. Ultimately, everybody benefits from full disclosure of product security vulnerabilities. Thanks. Jim == Jim Duncan, Product Security Incident Manager

Re: Cisco HTTP possible bug:

Jim -- Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc. http://www.cisco.com/warp/public/707/sec_incident_response.shtml E-mail: [EMAIL PROTECTED] Phone(Direct/FAX): +1 919 392 6209

Re: Cisco NAT DoS (VD#1)

it. Instead, we hope that you will notice improvements over time. This message is one such attempt. Thanks. Jim -- Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc. http://www.cisco.com/warp/public/707/sec_incident_response.shtml E-mail: [EMAIL PROTECTED] Phone(Direct