Bugtraq mailing list archives
Re: Cisco device HTTP exploit...
From: Damir Rajnovic <gaus () cisco com>
Date: Wed, 04 Jul 2001 07:02:13 +0100
Hello there, At 16:57 03/07/2001 +1000, Marc-Adrian Napoli wrote:
i cant seem to recreate this exploit on any of my 1900/2900/2500/2600's?
I can just restate the advisory, this exploit is dependant on the combination of the IOS version and the HW. For that reason a 'magic' number is different in some cases. As it seems now, some combinations look like immune to this attack. I am not surprised that it is so, so you do not have to be either. Cheers, Gaus P.S. It was really interesting watching some of "exploits" that has been posted on the list. That one really brighten my day. Gaus ============== Damir Rajnovic <psirt () cisco com>, PSIRT Incident Manager, Cisco Systems <http://www.cisco.com/warp/public/707/sec_incident_response.shtml> Phone: +44 7715 546 033 4 The Square, Stockley Park, Uxbridge, MIDDLESEX UB11 1BN, GB ============== There is no insolvable problems. Question remains: can you accept the solution?
Current thread:
- Cisco device HTTP exploit... Half Adder (Jul 02)
- Re: Cisco device HTTP exploit... Marc-Adrian Napoli (Jul 03)
- Re: Cisco device HTTP exploit... Damir Rajnovic (Jul 04)
- Re: Cisco device HTTP exploit... Grzegorz Krawczyk (Jul 03)
- <Possible follow-ups>
- RE: Cisco device HTTP exploit... Thornton, Simon (Simon)** CTR ** (Jul 05)
- Re: Cisco device HTTP exploit... Marc-Adrian Napoli (Jul 03)