Full Disclosure mailing list archives
Re: RE: Getting a clue at Cisco
From: Sam Evans <wintrmte () gmail com>
Date: Mon, 1 Aug 2005 13:52:16 -0600
Just curious -- if the April patch fixed the vulnerability discussed, then that would mean (according to Cisco) that the vulnerability affected IPV6 and not IPV4, correct? On 8/1/05, byte_jump <bytejump () gmail com> wrote:
In my opinion, probably the grossest error made by Cisco in all of this was silently patching their IOS back in April. Anyone who's ever used Cisco's software knows that you can never run the latest release, unless you want things to break, and break badly. As a result, how many organizations were at the latest, patched IOS release as of BlackHat? Not many, I'd wager. If, however, Cisco had come clean and told everyone that there is a serious problem in their IOS and exploitation is being actively researched by Chinese hacker groups, you'd see a lot more uptake of that April IOS release. Instead, Cisco hangs their customers out to dry. Shameful, just shameful. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Getting a clue at Cisco Daniel Sichel (Aug 01)
- Re: RE: Getting a clue at Cisco Frank Knobbe (Aug 01)
- Re: RE: Getting a clue at Cisco byte_jump (Aug 01)
- Re: RE: Getting a clue at Cisco Sam Evans (Aug 01)
- Re: RE: Getting a clue at Cisco Andrew Simmons (Aug 02)
- Re: RE: Getting a clue at Cisco Ćukasz Bromirski (Aug 02)
- Re: RE: Getting a clue at Cisco byte_jump (Aug 01)
- Re: RE: Getting a clue at Cisco Frank Knobbe (Aug 01)