Educause Security Discussion mailing list archives
Re: Cisco IOS Vulnerablity
From: Jeff Kell <jeff-kell () UTC EDU>
Date: Thu, 3 Nov 2005 09:54:53 -0500
John Ladwig wrote:
That was my take on it, too. Seems like it shoulda been a press release, *unless* there's some nasty unannounced heap overflow in the QA pipeline.
My take is sort of an extension to the rootshell part of Lynn's controversial Blackhats presentation a few months back. This isn't a new vulnerability in and of itself, but a new and dangerous way to exploit IOS once you get there. Jeff
Current thread:
- Cisco IOS Vulnerablity Scott Genung (Nov 02)
- <Possible follow-ups>
- Re: Cisco IOS Vulnerablity Arturo Servin (Nov 03)
- Re: Cisco IOS Vulnerablity Gary Flynn (Nov 03)
- Re: Cisco IOS Vulnerablity Gary Golomb (Nov 03)
- Re: Cisco IOS Vulnerablity John Ladwig (Nov 03)
- Re: Cisco IOS Vulnerablity Jeff Kell (Nov 03)
- Re: Cisco IOS Vulnerablity Chris Harrington (Nov 03)