To assist in detecting and mitigating the IOS vulnerability released
today publicly by Cisco, Foundstone has released a free scanning tool to
aid in identifying vulnerable Cisco devices. Devices detected by SNScan
will have their IOS and feature-set information displayed in a easy to
manage layout. Device information should be matched against Cisco's IOS
upgrade matrix and patched according to the upgrade path recommended by
Cisco.=20

SNScan v1.05=20
http://www.foundstone.com/resources/proddesc/snscan.htm =20

SNMP Detection Utility
Copyright 2003(c) by Foundstone, Inc.
http://www.foundstone.com

SNScan is a Windows based SNMP detection utility that can quickly and
accurately identify SNMP enabled devices on a network. This utility can
effectively indicate devices that are potentially vulnerable to SNMP
related security threats, such as those released on February 12, 2002
and the Cisco IPv4 Remote Denial of Service vulnerability from July 17,
2003.=20
SNScan allows for the scanning of SNMP specific ports (e.g. UDP 161,
193, 391 and 1993) and the use of standard (i.e. "public") as well as
user-defined SNMP community names. User-defined community names may be
used to more effectively evaluate the presence of SNMP enabled devices
in more complex networks.=20

SNScan is intended for use by system and network administrators as a
fast and reliable utility for information gathering. While not
indicating whether SNMP enabled devices are vulnerable to specific
threats, SNScan can quickly and accurately identify potential areas of
exposure to SNMP related vulnerabilities.


Cisco Advisory [As of 2003 July 17 at 23:00 UTC (GMT)]
http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

...

Matt Ploessel
Network Security Engineer
Foundstone, Inc.
Strategic Security

949.297.5600 Tel=20
949.297.5575 Fax=20

http://www.foundstone.com
PGP: https://www.foundstone.com/pgpkeys/matt_ploessel.asc
PGP Hash: 5233 27A0 E504 2887 0F6F 0218 7495 1EB2 F182 E914