[Snort-users] RE: [Snort-sigs] Suggested Sig for Cisco DOS Vulnerability

Eric Hines loki at ...1142...
Fri Jul 18 17:02:20 EDT 2003

There is definitely an exploit out.. I've got it.. Those of you who
would like to generate a Snort signature from it can get the exploit off
the Full-Disclosure mailing list.


Eric Hines
CEO, Chairman


Eric Hines
CEO, Chairman
Applied Watch Technologies, Inc.
eric.hines at ...8860...
Corporate Headquarters
1650 Carlemont Dr. 
Suite D 
Crystal Lake, IL. 60014 
Direct Toll Free: (877) 262-7593 (x327)
Fax: (815) 425-2173 
Main Switchboard: (877) 262-7593 (9am-5pm CST)
Commercial Sales: (877) 262-7593 (opt1)
Government Sales: (877) 262-7593 (opt2)


-----Original Message-----
From: Michael Scheidell [mailto:scheidell at ...5171...] 
Sent: Friday, July 18, 2003 9:01 AM
To: Compton, Rich
Cc: 'snort-sigs at lists.sourceforge.net';
Snort-users at lists.sourceforge.net
Subject: Re: [Snort-sigs] Suggested Sig for Cisco DOS Vulnerability

> Hey guys,
> Doesn't look like a exploit exists as of yet but Cisco just released
what IP
> protocols cause the DOS so it won't be long until there is one!

from http://www.theregister.co.uk/content/55/31825.html
someone sent shadowchode.tar.gz to [Full-Disclosure] list.

Cisco IOS DoS exploit released in the wild 
By John Leyden
Posted: 18/07/2003 at 12:01 GMT

The risk posed by a serious DoS vulnerability to a wide range of Cisco
Systems routers and switches has been upgraded following the release of
an exploit onto a full disclosure mailing list. 

This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
Snort-sigs mailing list
Snort-sigs at lists.sourceforge.net

More information about the Snort-users mailing list