Security Basics mailing list archives
Re: Mike Lynn released information about a hacking Cisco IOS
From: routerg <routerg () gmail com>
Date: Fri, 5 Aug 2005 09:40:06 -0400
Also expense. There are tones of 2500's running 10.* and 11.* that would require either upgrading memory and flash or even the whole platform. The mass amount of organizations not that concerned with network security probably don't want to spend the money to upgrade. But unfortunately yeah, upgrade for now. On 8/3/05, McKinley, Jackson <Jackson.McKinley () team telstra com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Other problem people face and im sure others do as well with patching equipment is "Certs" some devices are cleared for work on set OS lvls. For instance the new PIX OS code isnt EAL4 cert.. So patching isnt always an option. Layered defence is the best option I say. That way one weakness can be removed by a second system. - -----Original Message----- From: Kelly Martin [mailto:kel () securityfocus com] Sent: Thursday, 4 August 2005 10:42 AM To: ddjjembe 2 Cc: security-basics () securityfocus com Subject: Re: Mike Lynn released information about a hacking Cisco IOS ddjjembe 2 wrote:Last week Mike Lynn released information about a hacking Cisco IOS. Is there a patch to protect from this vulnerability?Just keep your routers patched and you'll be safe. He used a very new technique with an old vulnerability that has already been patched. The biggest issue is that people aren't used to patching their Cisco routers because no one has even been able to prove that shellcode can run on IOS before. Cheers, Kelly Martin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (MingW32) Comment: For info see http://www.gnupg.org iEYEARECAAYFAkLxaQcACgkQ4Tg6VO8hWutUiwCgjIglhlKa7UvtiXPas8SF//PX JvMAniMJySWoOevg/CXV3p6kkbr5iqEU =lS/x -----END PGP SIGNATURE-----
Current thread:
- Mike Lynn released information about a hacking Cisco IOS ddjjembe 2 (Aug 03)
- Re: Mike Lynn released information about a hacking Cisco IOS Kelly Martin (Aug 03)
- Re: Mike Lynn released information about a hacking Cisco IOS xyberpix (Aug 08)
- Re: Mike Lynn released information about a hacking Cisco IOS matt (Aug 10)
- Re: Mike Lynn released information about a hacking Cisco IOS Mark Teicher (Aug 15)
- Re: Mike Lynn released information about a hacking Cisco IOS xyberpix (Aug 08)
- Re: Mike Lynn released information about a hacking Cisco IOS Kelly Martin (Aug 03)
- <Possible follow-ups>
- RE: Mike Lynn released information about a hacking Cisco IOS Simon Allard (Aug 03)
- RE: Mike Lynn released information about a hacking Cisco IOS McKinley, Jackson (Aug 04)
- Re: Mike Lynn released information about a hacking Cisco IOS routerg (Aug 08)