Full Disclosure mailing list archives
Re: DMCA & Source Tree Abuse
From: FX <fx () phenoelit de>
Date: Thu, 2 Jan 2003 00:42:16 +0100
----- Forwarded message from Jack Ahz <anoncoder () yahoo com> ----- The latest striking example is this Phrack article entitled "Burning the bridge: Cisco IOS exploits" by the german hacker FX. While the author makes several bold claims that he relied purely on the powers of the Force to reverse engineer IOS internals, it is quite apparent that the coincidence that IOS 11.3 is the only known version to have leaked widely to the computer underground and IOS 11.3 is the only version his exploit works on is slim indeed! I'm sure he figured out malloc chunk fields such as 'Last deallocation address' purely on his own, just by tinkering around on the serial line.
AFAIK, the code that leaked is 11.2. At least, that's what ppl offer. The information (funny: especially the "Last deallocation address") were taken from PPT shows known as "Networker" off the public cisco.com site. And the simple reason for knowing 11.3 best: Got a 11.3 box here and 12.0 is not vulnerable. cheers FX -- FX <fx () phenoelit de> Phenoelit (http://www.phenoelit.de) 672D 64B2 DE42 FCF7 8A5E E43B C0C1 A242 6D63 B564 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- DMCA & Source Tree Abuse Jack Ahz (Dec 31)
- <Possible follow-ups>
- Re: DMCA & Source Tree Abuse FX (Jan 01)