nanog mailing list archives
Re: Cisco IOS Exploit Cover Up
From: "Fergie (Paul Ferguson)" <fergdawg () netzero net>
Date: Thu, 28 Jul 2005 15:39:31 GMT
One thing that bugs me, though, is the quote that is credited to Lynn:

[snip]

"I feel I had to do what's right for the country and the national infrastructure," he said. "It has been confirmed that bad people are working on this (compromising IOS). The right thing to do here is to make sure that everyone knows that it's vulnerable."

[snip]

http://www.securityfocus.com/news/11259

Lynn's statement would tend to make one believe that this is yet another example of a vulnerability that is awaiting an exploit, not one that has yet to be discovered -- a sort of Sword of Damocles, if you will...

- ferg

-- Brett Frankenberger <rbf () rbfnet com> wrote:

On Thu, Jul 28, 2005 at 07:03:31AM -0700, Eric Rescorla wrote:

As nearly as I can tell from reports (I wasn't there), he (1) talked about a general way to exploit a buffer overflow to cause arbitrary code execution (this would apply to buffer overflows generally, but would be completely useless if you didn't know of a buffer overflow to exploit), and (2) demonstrated his technique using a previously known buffer overflow vulnerability which Cisco has already patched.

So Cisco is correct in saying that he didn't identify any new vulnerabilities, and Cisco is also correct in saying that the vulnerability he used in his presentation to demonstrate his technique has been patched. However, the same technique will be useful on the next buffer overflow vulnerability to be discovered.

-- Brett