Dailydave mailing list archives
RE: Lynn / Cisco shellcode
From: surreal () delusory org
Date: Fri, 29 Jul 2005 19:50:25 -0700
Thor Larholm wrote:
Thanks for the clarification :)
No prob. This kinda thing gets me irrationally worked up. <shrug>
Perhaps you can clarify this as well: Cisco just released a security advisory (http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml) which patches a code execution vulnerability in pretty much all IOS systems. They credit Michael Lynn for disclosing this vulnerability at Blackhat, before the patch was created.
Mike stated that the vuln that he was exploiting had been patched in April of this year, and Cisco has pulled all the older, vulnerable downloads of IOS from their site. The slides that have been posted to various spots are the pre-shit-hitting-the-fan version. The ones he showed didn't have the ISS logo, and he'd redacted addresses on several of the pages with black smudges. He said that he'd also removed some of the slides.
Did Lynn disclose an unpatched IOS vulnerability during his presentation?
I'd have to say "no", but I'm no IOS hacker. Surreal _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- RE: Lynn / Cisco shellcode, (continued)
- RE: Lynn / Cisco shellcode Todd Towles (Jul 28)
- RE: Lynn / Cisco shellcode Dowd, Mark (ISS Atlanta) (Jul 28)
- RE: Lynn / Cisco shellcode Dennis Cox (Jul 28)
- RE: Lynn / Cisco shellcode Dennis Cox (Jul 28)
- RE: Lynn / Cisco shellcode Michael J Freeman (Jul 28)
- RE: Lynn / Cisco shellcode Thor Larholm (Jul 29)
- RE: Lynn / Cisco shellcode surreal (Jul 29)
- Re: Lynn / Cisco shellcode Ron Guerin (Jul 29)
- Re: Lynn / Cisco shellcode Anthony Zboralski (Jul 29)
- Re: Lynn / Cisco shellcode Thor Larholm (Jul 29)
- RE: Lynn / Cisco shellcode surreal (Jul 29)
- Re: Lynn / Cisco shellcode Ejovi Nuwere (Jul 30)
- Re: Lynn / Cisco shellcode Ejovi Nuwere (Jul 30)
- Re: Lynn / Cisco shellcode Nicholas Cross (Aug 01)
- Re: Lynn / Cisco shellcode Ejovi Nuwere (Jul 30)