Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Mike Lynn released information about a hacking Cisco IOS

From: "McKinley, Jackson" <Jackson.McKinley () team telstra com>
Date: Thu, 4 Aug 2005 11:02:06 +1000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 Other problem people face and im sure others do as well with patching
equipment is "Certs" some devices are cleared for work on set OS lvls.
For instance the new PIX OS code isnt EAL4 cert..

So patching isnt always an option.

Layered defence is the best option I say.  That way one weakness can be
removed by a second system.

- -----Original Message-----
From: Kelly Martin [mailto:kel () securityfocus com] 
Sent: Thursday, 4 August 2005 10:42 AM
To: ddjjembe 2
Cc: security-basics () securityfocus com
Subject: Re: Mike Lynn released information about a hacking Cisco IOS

ddjjembe 2 wrote:

Last week Mike Lynn released information about a hacking Cisco IOS.  
Is there a patch to protect from this vulnerability?


Just keep your routers patched and you'll be safe. He used a very new
technique with an old vulnerability that has already been patched. The
biggest issue is that people aren't used to patching their Cisco routers
because no one has even been able to prove that shellcode can run on IOS
before.

Cheers,

Kelly Martin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (MingW32)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAkLxaQcACgkQ4Tg6VO8hWutUiwCgjIglhlKa7UvtiXPas8SF//PX
JvMAniMJySWoOevg/CXV3p6kkbr5iqEU
=lS/x
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: