Dailydave mailing list archives
Re: Lynn / Cisco shellcode
From: "Halvar Flake" <HalVar () gmx de>
Date: Thu, 28 Jul 2005 15:04:11 +0200 (MEST)
Hey all, please correct me if my summary is incorrect, but: 1) Lynn talked about exploitation methods, not about 0day bugs 2) A significant amount of what he talked about was already known if one had read/studied what had previously been published by FX 3) Cisco and ISS are suing him ? A few comments come into my mind: 1) My "friends don't let friends" slide from an old Blackhat talk 2) This is nutty. Instead of trying to go after Mr. Lynn, Cisco should perhabs do some changes to their heap implementation focusing more on security and less on heap integrity. Ah, did I mention being more vigorous in auditing their own code ? 3) I don't know the specifics, but I have the impression that the risk of all this is a bit hyped. 4) What "weaknesses" were really presented ? I mean it is a given that if you corrupt memory on any computer, you can do shit you should not be able to do. Anybody who disputes this is living in a different world. So there is nothing that "needs fixing" - what needs fixing is the fact that attackers can corrupt memory. Mr. Lynn has presented a methodology do utilize the tools (a memory corruption) provided by Cisco. But the important part is that the memory corruption is some- thing that Cisco put into the software - and it is hard to imagine that finding a way to make use of an (unintentionally included) feature is anything to be sued over. I just came off of a very long flight, so I might not be 100% coherent. But all in all, I think the security industry has gotten to the point of believing it's own hype. Never a good thing. So on what grounds are ISS/Cisco suing ? Cheers, Halvar -- GMX DSL = Maximale Leistung zum minimalen Preis! 2000 MB nur 2,99, Flatrate ab 4,99 Euro/Monat: http://www.gmx.net/de/go/dsl _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Lynn / Cisco shellcode dan (Jul 27)
- Re: Lynn / Cisco shellcode Andrew R. Reiter (Jul 28)
- Re: Lynn / Cisco shellcode Halvar Flake (Jul 28)
- Re: Lynn / Cisco shellcode Ron Guerin (Jul 29)
- <Possible follow-ups>
- RE: Lynn / Cisco shellcode Dennis Cox (Jul 27)
- Re: Lynn / Cisco shellcode Christoph Gruber (Jul 28)
- Re: Lynn / Cisco shellcode Saad Kadhi (Jul 28)
- Re: Lynn / Cisco shellcode ET LoWNOISE (Jul 28)
- Re: Lynn / Cisco shellcode Christoph Gruber (Jul 28)
- Re: Lynn / Cisco shellcode Andrew R. Reiter (Jul 28)
- Re: Lynn / Cisco shellcode Francisco Amato (Jul 28)
- Re: Lynn / Cisco shellcode Darren Bounds (Jul 28)
- Re: Lynn / Cisco shellcode Halvar Flake (Jul 28)
- RE: Lynn / Cisco shellcode Thor Larholm (Jul 28)
- Re: Lynn / Cisco shellcode Mordy Ovits (Jul 28)
- Re: Lynn / Cisco shellcode Steve Lord (Jul 28)
- Re: Lynn / Cisco shellcode ET LoWNOISE (Jul 28)
- Re: Lynn / Cisco shellcode Alex Stamos (Jul 28)
- Re: Lynn / Cisco shellcode Ejovi Nuwere (Jul 28)
- Re: Lynn / Cisco shellcode Michael Silk (Jul 28)
- Re: Lynn / Cisco shellcode Michael J Freeman (Jul 28)
- Re: Lynn / Cisco shellcode Mordy Ovits (Jul 28)
- Re: Lynn / Cisco shellcode Pukhraj Singh (Jul 29)