nanog mailing list archives
Re: Cisco IOS Vulnerability
From: Joe Abley <jabley () isc org>
Date: Thu, 17 Jul 2003 16:11:21 -0400
On Thursday, Jul 17, 2003, at 15:59 Canada/Eastern, Andy Dills wrote:
On Thu, 17 Jul 2003, Jack Bates wrote:Sendmail root exploit took less than 24 hours to craft. I suspect that this exploit will be found within 48 hours. Enough information was provided to quickly guess where the problem lies with IPv4 processing.Sendmail is open source, IOS is not. Knowing where the problem is and knowing how to exploit it are two entirely different situations.
If any IOS source code has ever found its way out of cisco since IOS 10.3 (and surely, that must have happened), then it seems reasonable to assume that there are people in the world currently comparing the advisory to the source.
Joe
Current thread:
- RE: Cisco IOS Vulnerability, (continued)
- RE: Cisco IOS Vulnerability Todd Mitchell - lists (Jul 16)
- Re: Cisco IOS Vulnerability Ryan Tucker (Jul 16)
- Re: Cisco IOS Vulnerability (going OT) Petri Helenius (Jul 16)
- Flapping (was Re: Cisco IOS Vulnerability) Sean Donelan (Jul 16)
- RE: Cisco IOS Vulnerability Mikael Abrahamsson (Jul 16)
- Re: Cisco IOS Vulnerability Jared Mauch (Jul 16)
- RE: Cisco IOS Vulnerability Sean Donelan (Jul 16)
- Re: Cisco IOS Vulnerability Jeff Kell (Jul 16)
- Re: Cisco IOS Vulnerability Jack Bates (Jul 17)
- Re: Cisco IOS Vulnerability Andy Dills (Jul 17)
- Re: Cisco IOS Vulnerability Joe Abley (Jul 17)
- Re: Cisco IOS Vulnerability micah mcnelly (Jul 17)
- Re: Cisco IOS Vulnerability Michael Painter (Jul 17)
- Re: Cisco IOS Vulnerability Daniel Karrenberg (Jul 18)
- Re: Cisco IOS Vulnerability joshua sahala (Jul 18)
- Re: Cisco IOS Vulnerability Petri Helenius (Jul 18)
- RE: Cisco IOS Vulnerability Darrell Kristof (Jul 16)
- Re: Cisco IOS Vulnerability Valdis . Kletnieks (Jul 17)
- Re: Cisco IOS Vulnerability Brian Wallingford (Jul 17)
- RE: Cisco IOS Vulnerability Barry Raveendran Greene (Jul 17)
- Re: Cisco IOS Vulnerability Petri Helenius (Jul 17)