[VIM] Re: Old Cisco vulnerability question.. (fwd)

security curmudgeon jericho at attrition.org
Thu Jul 7 18:19:24 EDT 2005



---------- Forwarded message ----------
From: security curmudgeon <jericho at attrition.org>
To: tac at cisco.com
Date: Thu, 7 Jul 2005 18:19:06 -0400 (EDT)
Subject: Re: Old Cisco vulnerability question..


: Please include the following line in all replies.
: Tracking number: CT20050707_0000002505

: If you have access to the internet, we recommend that you open your
: service request using our online TAC Service Request Tool located at
: http://www.cisco.com/TAC .  The TAC Service Request Tool prompts you for
: all of the information that is required to open a service request.  The
: tool's questions, fields, and drop-down menu options quickly give Cisco
: engineers the information they need to assist you.  It typically takes
: less than two minutes to open a service request online.  In order to use
: the
:
: TAC Service Request Tool, you will need to have a valid Cisco service
: contract associated with your ID.

: If you choose to continue to request support on this issue by email,
: please make sure that your original email remains attached below by
: using the reply function on your email to respond.  Please complete and
: validate all of the required fields highlighted with * on the following
: form. We are unable to open a case without this information.

I do not have a valid Cisco contract. Is there any way to receive an
answer to this question without such a contract?

Brian


: REQUIRED INFORMATION
:
: * CONTACT NAME:
: * CONTACT PHONE NUMBER:
: * CONTACT CISCO.COM USERID (if one exists):
: * CONTACT EMAIL ADDRESS:
: * CONTRACT #:
: * SERIAL #:
: * PRODUCT TYPE (Model Number):
: * SOFTWARE VERSION:
: * COMPANY NAME:
: * EQUIPMENT LOCATION (Address):
: * BRIEF PROBLEM DESCRIPTION:
:
: You may also wish to  include some of the following additional information
: -
:
: ADDITIONAL INFORMATION (if applicable)
: ALTERNATE CONTACT NAME:
: ALTERNATE CONTACT PHONE:
: PICA I.D.:
: ON SITE PHONE:
: PAGER #:
: MOBILE #:
: BUSINESS IMPACT (Low/Medium/High):
:
: Best Regards,
: Sumod Mathews Cherian
: Cisco Systems, Inc.
:
:
: > -----Original Message-----
: > From: security curmudgeon <jericho at attrition.org>
: > Sent: Jul 8, 2005 3:36:03 AM IST
: > To: tac at cisco.com
: >
: >
: > I'm digging into some old vulnerabilities and ran across an old Cisco
: > issue (http://www.cisco.com/warp/public/707/2.html) dated Jun 1 16:27:08
: > PDT 1995. Looking back through the CERT advisories, I found one
: > (http://www.cert.org/advisories/CA-1992-20.html) that appears to cover the
: > same issue, but dated December 10, 1992.
: >
: > The obvious difference here is the versions affected (10.0 - 10.3 on the
: > Cisco advisory and 8.3 - 9.1 on the CERT advisory). Is this the same
: > vulnerability that got re-introduced to the code base, or are there subtle
: > differences that make these different vulnerabilities?
: >
: > Thanks for any help you can provide!
: >
: > Brian
: > OSVDB.org
: >
:


More information about the VIM mailing list