[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CISCO 0-day exploits

Subject: CISCO 0-day exploits
From: tom at ninjabadger.net (Tom Hill)
Date: Mon, 10 Feb 2020 18:54:02 +0000
In-reply-to: <[email protected]>
References: <[email protected]>

On 10/02/2020 18:13, Scott Weeks wrote:
> Just because you use cisco devices doesn't mean you have to use 
> their proprietary protocols, such as EIGRP or CDP.  OSPF or LLDP
> work just fine and interoperate with other vendors... :)

The CDPwn vulnerability covers similar vulnerabilities in LLDP, and does
indeed demonstrate that network segmentation (i.e. "dude it's just L2")
is not the last word in mitigating against said vulnerabilities.

You ought to all be far more concerned, IMO.

-- 
Tom

References:
- CISCO 0-day exploits
  - From: surfer at mauigateway.com (Scott Weeks)

Prev by Date: CISCO 0-day exploits
Next by Date: Peering/Transit eBGP sessions -pet or cattle?
Previous by thread: CISCO 0-day exploits
Next by thread: google cloud console is slow
Index(es):
- Date
- Thread