Hello Pascal
Pascal Gloor wrote:
the ones having a looking-glass sending regexp commands to a cisco router should disable it ASAP.
I think I already had read about this somewhere else in the last few weeks.
Ok, found it (did not find it in the Bugtraq or Full-Discolsure mailing lists), Google pointed me to "Cisco IOS Show IP BGP Regexp Remote Denial of Service Vulnerability" [1], and the reference there points to a Heise article (which seems to be the main source). It has been published on the 17. August 2007, see the "DoS vulnerability in Cisco IOS compromises Internet routers [Update]" (English) [2] or "DoS-Lücke in Cisco IOS gefährdet Router der Internet Provider [Update]" (German) [3].
[1] http://www.securityfocus.com/bid/25352 [2] http://www.heise-security.co.uk/news/94526/ [3] http://www.heise.de/newsticker/meldung/94517/
bye Fabian