nanog mailing list archives
RE: "Cisco gate" - Payload Versus Vector
From: Dan Hollis <goemon () anime net>
Date: Tue, 2 Aug 2005 15:29:05 -0700 (PDT)
On Tue, 2 Aug 2005, Randy Bush wrote:
even without stiffling the heap check via crashing_already (i.e. a 'fix' is developed for that weakness), is the 30-60 second window sufficient to do serious operational damage. i.e. what could an attacker do with a code injection with a mean life as short as 15-30 seconds?
change the passwords and write to nvram, and come back later? -Dan
Current thread:
- RE: "Cisco gate" - Payload Versus Vector Randy Bush (Aug 02)
- RE: "Cisco gate" - Payload Versus Vector Dan Hollis (Aug 02)
- RE: "Cisco gate" - Payload Versus Vector Jim Popovitch (Aug 02)
- Re: "Cisco gate" - Payload Versus Vector Petri Helenius (Aug 03)
- RE: "Cisco gate" - Payload Versus Vector Dan Hollis (Aug 02)