AusCERT issued an advisory to subscribers of the free National IT Alert Service and to AusCERT members telling them about the increased threat on Friday, 18 July, just one day after the public release of the Cisco advisory.

"Since then we are aware of some reports of attempts to exploit the vulnerability but as yet no reports of successful attacks", according to Graham Ingram, AusCERT's general manager.

"Any organisation that has not yet taken appropriate mitigation action to protect themselves now faces an increased risk their Internet services will be cut-off.

"The release of a working tool means that the level of skill required to launch the attack has diminished; more attackers now have the capability to conduct this attack than before. It also means that organisations which have not protected themselves are now on borrowed time.

"The speed with which this exploit has been developed is disturbing. We said an exploit may be developed and released 'tomorrow' and as it turns out this is what happened", said Ingram.

AusCERT's first media release on this matter, issued Thursday, 17 July 2003, coincided with the public release of the Cisco advisory can be found here: http://www.auscert.org.au/render.html?it=3262&cid=1926.