Re: Mike Lynn released information about a hacking Cisco IOS

[matt <matt () learnsecurityonline com>]

Just for the record, cisco shellcode has already been created and run, 
check out www.phenoelit.de

Regards

Matt
Learn Security Online, Inc.

* Security Games * Simulators
* Challenge Servers * Courses
* Hacking Competitions * Hacklab Access

xyberpix wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> If shellcode can be run on routers as Mike's presentation showed,  
> well then I think that we're all going to be in for a world of hurt  
> sometime in the future.
> Cisco did nothing but prove the fact that this is a real threat by  
> doing what they did in regard to all the cease and desist orders, and  
> confiscating the presentation at Blackhat.
>
> Just my 2p's worth.
>
> xyberpix
>
> On 4 Aug 2005, at 01:42, Kelly Martin wrote:
>
> > ddjjembe 2 wrote:
> >
> > > Last week Mike Lynn released information about a hacking Cisco  
> > > IOS.  Is there a patch to protect from this vulnerability?
> >
> > Just keep your routers patched and you'll be safe. He used a very  
> > new technique with an old vulnerability that has already been  
> > patched. The biggest issue is that people aren't used to patching  
> > their Cisco routers because no one has even been able to prove that  
> > shellcode can run on IOS before.
> >
> > Cheers,
> >
> > Kelly Martin
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (Darwin)
>
> iD8DBQFC86okcRMkOnlkwMERAviGAJ9wPm6rSZqqXPODA/uo7jWPZdD4AgCffy3Z
> MPXjsdRmRpo4WWYlLVdzI94=
> =lSWv
> -----END PGP SIGNATURE-----