Dailydave mailing list archives
Re: Lynn / Cisco shellcode
From: "Andrew R. Reiter" <arr () watson org>
Date: Thu, 28 Jul 2005 03:57:21 -0400 (EDT)
On Wed, 27 Jul 2005 dan () geer org wrote: : :Surely someone on this list has something :to say about the Lynn / Cisco shellcode :item... : :--dan In all honesty, most of the stuff is not new, in my opinion. The big thing of interest, to me, was that he was able to "put it all together." Like, the idea of overwriting heap management pointers/values is not a new idea, but how he figured out about the idle process that does process heap pointer "validation" _WAS_ interesting to me. That was the key, for me, in realizing what was really needed to go from "hrm... there's a bug, but I can't get things to work" to realizing "ah, there's something there that does another check, so we need to do more work to deal with getting around it." The talk, I felt, was mediocre soley b/c of the hype re: lawsuits... and the played out nature of the "so sue me" joke. I did enjoy it however and I think Cisco is way overreacting (as is ISS). I also feel that BlackHat (Inc?) is extremely lame with regards to how they handled the situation... VERY LAME. What about the Checkpoint vulnerabilities from humble, song, et al... a few years ago? Where was the law suits? So, I say "Good work, Mike." Cheers, Andrew -- Andrew R. Reiter arr () watson org _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Lynn / Cisco shellcode dan (Jul 27)
- Re: Lynn / Cisco shellcode Andrew R. Reiter (Jul 28)
- Re: Lynn / Cisco shellcode Halvar Flake (Jul 28)
- Re: Lynn / Cisco shellcode Ron Guerin (Jul 29)
- <Possible follow-ups>
- RE: Lynn / Cisco shellcode Dennis Cox (Jul 27)
- Re: Lynn / Cisco shellcode Christoph Gruber (Jul 28)
- Re: Lynn / Cisco shellcode Saad Kadhi (Jul 28)
- Re: Lynn / Cisco shellcode ET LoWNOISE (Jul 28)
- Re: Lynn / Cisco shellcode Christoph Gruber (Jul 28)
- Re: Lynn / Cisco shellcode Andrew R. Reiter (Jul 28)
- Re: Lynn / Cisco shellcode Francisco Amato (Jul 28)
- Re: Lynn / Cisco shellcode Darren Bounds (Jul 28)
- Re: Lynn / Cisco shellcode Halvar Flake (Jul 28)
- RE: Lynn / Cisco shellcode Thor Larholm (Jul 28)