Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RE: Getting a clue at Cisco

From: Sam Evans <wintrmte () gmail com>
Date: Mon, 1 Aug 2005 13:52:16 -0600
Just curious -- if the April patch fixed the vulnerability discussed, then 
that would mean (according to Cisco) that the vulnerability affected IPV6 
and not IPV4, correct?
 

 On 8/1/05, byte_jump <bytejump () gmail com> wrote: 


In my opinion, probably the grossest error made by Cisco in all of
this was silently patching their IOS back in April. Anyone who's ever
used Cisco's software knows that you can never run the latest release,
unless you want things to break, and break badly. As a result, how
many organizations were at the latest, patched IOS release as of
BlackHat? Not many, I'd wager. If, however, Cisco had come clean and
told everyone that there is a serious problem in their IOS and
exploitation is being actively researched by Chinese hacker groups,
you'd see a lot more uptake of that April IOS release. Instead, Cisco
hangs their customers out to dry.

Shameful, just shameful.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: