Dailydave mailing list archives
Re: Lynn / Cisco shellcode
From: Francisco Amato <famato () infobyte com ar>
Date: Thu, 28 Jul 2005 09:50:19 -0300
http://www.securityfocus.com/news/11259 On 7/28/05, Halvar Flake <HalVar () gmx de> wrote:
I was in transit the last 20 hours, can someone give me a summaryof what happened ?
--- Ursprüngliche Nachricht --- Von: "Andrew R. Reiter" <arr () watson org> An: dan () geer org Kopie: dailydave () lists immunitysec com Betreff: Re: [Dailydave] Lynn / Cisco shellcodeDatum: Thu, 28 Jul 2005 03:57:21 -0400 (EDT)On Wed, 27 Jul 2005 dan () geer org wrote:: :Surely someone on this list has something :to say about the Lynn / Cisco shellcode :item... ::--danIn all honesty, most of the stuff is not new, in my opinion. The big thing of interest, to me, was that he was able to "put it all together." Like, the idea of overwriting heap management pointers/values is not a new idea, but how he figured out about the idle process that does process heap pointer "validation" _WAS_ interesting to me. That was the key, for me, in realizing what was really needed to go from "hrm... there's a bug, but I can't get things to work" to realizing "ah, there's something there that does another check, so we need to do more work to deal with getting aroundit."The talk, I felt, was mediocre soley b/c of the hype re: lawsuits... and the played out nature of the "so sue me" joke. I did enjoy it however and I think Cisco is way overreacting (as is ISS). I also feel that BlackHat (Inc?) is extremely lame with regards to how they handled the situation... VERY LAME. What about the Checkpoint vulnerabilities from humble, song,et al... a few years ago? Where was the law suits? So, I say "Good work, Mike."Cheers,Andrew-- Andrew R. Reiter arr () watson org _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec comhttps://lists.immunitysec.com/mailman/listinfo/dailydave
-- GMX DSL = Maximale Leistung zum minimalen Preis! 2000 MB nur 2,99, Flatrate ab 4,99 Euro/Monat: http://www.gmx.net/de/go/dsl _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec comhttps://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Lynn / Cisco shellcode dan (Jul 27)
- Re: Lynn / Cisco shellcode Andrew R. Reiter (Jul 28)
- Re: Lynn / Cisco shellcode Halvar Flake (Jul 28)
- Re: Lynn / Cisco shellcode Ron Guerin (Jul 29)
- <Possible follow-ups>
- RE: Lynn / Cisco shellcode Dennis Cox (Jul 27)
- Re: Lynn / Cisco shellcode Christoph Gruber (Jul 28)
- Re: Lynn / Cisco shellcode Saad Kadhi (Jul 28)
- Re: Lynn / Cisco shellcode ET LoWNOISE (Jul 28)
- Re: Lynn / Cisco shellcode Christoph Gruber (Jul 28)
- Re: Lynn / Cisco shellcode Andrew R. Reiter (Jul 28)
- Re: Lynn / Cisco shellcode Francisco Amato (Jul 28)
- Re: Lynn / Cisco shellcode Darren Bounds (Jul 28)
- Re: Lynn / Cisco shellcode Halvar Flake (Jul 28)
- RE: Lynn / Cisco shellcode Thor Larholm (Jul 28)
- Re: Lynn / Cisco shellcode Mordy Ovits (Jul 28)
- Re: Lynn / Cisco shellcode Steve Lord (Jul 28)
- Re: Lynn / Cisco shellcode ET LoWNOISE (Jul 28)
- Re: Lynn / Cisco shellcode Alex Stamos (Jul 28)
- Re: Lynn / Cisco shellcode Ejovi Nuwere (Jul 28)
- Re: Lynn / Cisco shellcode Michael Silk (Jul 28)
- Re: Lynn / Cisco shellcode Michael J Freeman (Jul 28)
- Re: Lynn / Cisco shellcode Mordy Ovits (Jul 28)