[VIM] Old Cisco vulnerability question.. (fwd)

security curmudgeon jericho at attrition.org
Thu Jul 7 18:19:16 EDT 2005



---------- Forwarded message ----------
From: tac at cisco.com
To: jericho at attrition.org
Date: Fri, 08 Jul 2005 03:42:51 +0530
Subject: Old Cisco vulnerability question..

Please include the following line in all replies.
Tracking number: CT20050707_0000002505

Dear Brian,

Thank you for your email to tac at cisco.com  Unfortunately we did not
receive enough information to process your technical support request.

If you have access to the internet, we recommend that you open your
service request using our online TAC Service Request Tool located at
http://www.cisco.com/TAC .  The TAC Service Request Tool prompts you
for all of the information that is required to open a service request.
The
tool's questions, fields, and drop-down menu options quickly give Cisco

engineers the information they need to assist you.  It typically takes
less
than two minutes to open a service request online.  In order to use the

TAC Service Request Tool, you will need to have a valid Cisco service
contract associated with your ID.

For information regarding Cisco.com registration, please
see  http://www.cisco.com/register/

If you choose to continue to request support on this issue by email,
please make sure that your original email remains attached below by
using the reply function on your email to respond.  Please complete
and validate all of the required fields highlighted with  * on the
following form. We are unable to open a case without this information.


REQUIRED INFORMATION

* CONTACT NAME:
* CONTACT PHONE NUMBER:
* CONTACT CISCO.COM USERID (if one exists):
* CONTACT EMAIL ADDRESS:
* CONTRACT #:
* SERIAL #:
* PRODUCT TYPE (Model Number):
* SOFTWARE VERSION:
* COMPANY NAME:
* EQUIPMENT LOCATION (Address):
* BRIEF PROBLEM DESCRIPTION:

You may also wish to  include some of the following additional information
-

ADDITIONAL INFORMATION (if applicable)
ALTERNATE CONTACT NAME:
ALTERNATE CONTACT PHONE:
PICA I.D.:
ON SITE PHONE:
PAGER #:
MOBILE #:
BUSINESS IMPACT (Low/Medium/High):

Best Regards,
Sumod Mathews Cherian
Cisco Systems, Inc.


> -----Original Message-----
> From: security curmudgeon <jericho at attrition.org>
> Sent: Jul 8, 2005 3:36:03 AM IST
> To: tac at cisco.com
>
>
> I'm digging into some old vulnerabilities and ran across an old Cisco
> issue (http://www.cisco.com/warp/public/707/2.html) dated Jun 1 16:27:08
> PDT 1995. Looking back through the CERT advisories, I found one
> (http://www.cert.org/advisories/CA-1992-20.html) that appears to cover the
> same issue, but dated December 10, 1992.
>
> The obvious difference here is the versions affected (10.0 - 10.3 on the
> Cisco advisory and 8.3 - 9.1 on the CERT advisory). Is this the same
> vulnerability that got re-introduced to the code base, or are there subtle
> differences that make these different vulnerabilities?
>
> Thanks for any help you can provide!
>
> Brian
> OSVDB.org
>


More information about the VIM mailing list