nanog mailing list archives

RE: Cisco IOS Exploit Cover Up

From: "Hannigan, Martin" <hannigan () verisign com>
Date: Wed, 27 Jul 2005 15:33:44 -0400



For those who like to keep abreast of security issues, there are  
interesting developments happening at BlackHat with regards to Cisco  
IOS and its vulnerability to arbitrary code executions.

I apologize for the article itself being brief and lean on technical  
details, but allow me to say that it does represent a real problem  
(as in practical and confirmed):

http://blogs.washingtonpost.com/securityfix/2005/07/mending_a_
hole_.html



Yes, practical _and_ confirmed, but you'll never get $vendor to 
admit it, which is the problem to begin with. 
  

-M<

Current thread:

Cisco IOS Exploit Cover Up James Baldwin (Jul 27)
- Re: Cisco IOS Exploit Cover Up James Baldwin (Jul 27)
- <Possible follow-ups>
- RE: Cisco IOS Exploit Cover Up Hannigan, Martin (Jul 27)
- RE: Cisco IOS Exploit Cover Up Fergie (Paul Ferguson) (Jul 27)
  - Re: Cisco IOS Exploit Cover Up Andre Ludwig (Jul 27)
  - RE: Cisco IOS Exploit Cover Up Dan Hollis (Jul 27)
    - RE: Cisco IOS Exploit Cover Up Neil J. McRae (Jul 28)
    - Re: Cisco IOS Exploit Cover Up Florian Weimer (Jul 28)
    - Re: Cisco IOS Exploit Cover Up Leo Bicknell (Jul 28)
    - Re: Cisco IOS Exploit Cover Up Christopher L. Morrow (Jul 28)
    - Re: Cisco IOS Exploit Cover Up James Baldwin (Jul 28)
    - Re: Cisco IOS Exploit Cover Up Eric Rescorla (Jul 28)
    - Re: Cisco IOS Exploit Cover Up Brett Frankenberger (Jul 28)

(Thread continues...)