Dailydave mailing list archives
Re: No sellout. was: RE: Lynn / Cisco shellcode
From: Holden Williamson <limeyhaqr () gmail com>
Date: Mon, 1 Aug 2005 17:28:18 -0300
I'm a bit more disposed to be positive about what Lynn did. The stuff he discussed would be a heck of a lot scarier if "virtual processes" were in common use, as Cisco is working toward.
Oh come on. As somone already pointed out elsewhere "Nobody who has spent more than a year doing vulnerability work believes that buffer overflows are unexploitable anywhere, even on platforms that preemptively reboot to avoid problems." If a system runs executable code it can be made to run unauthorized executable code - from your PC to your cable-modem to your bloody xbox. This is computer security 101. It's not 1992AD anymore guys. If anyone really sat there and thought "wow, I never thought about remotely executing code on a cisco before" then they should be probably be asking themselves why they're playing with this security muck in the first place. -holden _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- No sellout. was: RE: Lynn / Cisco shellcode surreal (Jul 28)
- Re: No sellout. was: RE: Lynn / Cisco shellcode security curmudgeon (Jul 29)
- Re: No sellout. was: RE: Lynn / Cisco shellcode Holden Williamson (Jul 29)
- Re: No sellout. was: RE: Lynn / Cisco shellcode byte_jump (Jul 29)
- Re: No sellout. was: RE: Lynn / Cisco shellcode Holden Williamson (Aug 01)
- Re: No sellout. was: RE: Lynn / Cisco shellcode byte_jump (Aug 01)
- Re: No sellout. was: RE: Lynn / Cisco shellcode Holden Williamson (Aug 01)
- Re: No sellout. was: RE: Lynn / Cisco shellcode I)ruid (Aug 02)
- Re: No sellout. was: RE: Lynn / Cisco shellcode Holden Williamson (Aug 02)
- Re: No sellout. was: RE: Lynn / Cisco shellcode I)ruid (Aug 02)
- Re: No sellout. was: RE: Lynn / Cisco shellcode byte_jump (Jul 29)
- <Possible follow-ups>
- RE: No sellout. was: RE: Lynn / Cisco shellcode Dennis Cox (Jul 29)
- RE: No sellout. was: RE: Lynn / Cisco shellcode Paul Melson (Aug 01)
- Re: No sellout. was: RE: Lynn / Cisco shellcode Holden Williamson (Aug 01)
- Re: No sellout. was: RE: Lynn / Cisco shellcode TAREK (Aug 02)
- Re: No sellout. was: RE: Lynn / Cisco shellcode M. Shirk (Aug 02)