Bugtraq mailing list archives
Cisco IOS exploit PoC
From: FX <fx () phenoelit de>
Date: Thu, 22 Aug 2002 10:03:10 +0200
Hi there, attached is a prove of concept exploit for the Cisco IOS TFTP-Server bug in versions 11.1-11.3. It will work on the 1600 and 1000 series and implements what we believe is a general way to exploit IOS heap overflows. The slides from BlackHat and DefCon covering the technique in more detail can be found at http://www.phenoelit.de/ultimaratio/index.html . Cisco's advisory can be found here (might wrap): http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml Notice the slightly different point of view in the "Impact" section. yours truly, FX -- FX <fx () phenoelit de> Phenoelit (http://www.phenoelit.de) 672D 64B2 DE42 FCF7 8A5E E43B C0C1 A242 6D63 B564
Attachment:
UltimaRatioVegas.c
Description:
Current thread:
- Cisco IOS exploit PoC FX (Aug 22)