Re: New cisco exploit published in the media today

[Ariel Biener <ariel () fireball tau ac il>]

On Mon, 29 Mar 2004, Scott Call wrote:

> Forgive the not panicing, but none of the exploits utilized by this tool
> are new, the newest being a year old, most being 2-3 years old, judging by
> the dates on the cisco pages.

Which brings to mind the question of when will reporters be able to
"objectively" report something, and not "attenuate" certain aspects for
the benefit of creating a "scoop".

I perfectly understand the need to make public the availability of this
new cracking tool, but I do not understand why there was no mention of
the fact it exploits bugs that are 1.5-3 years old, which would have put
matters in the proper perspective, instead of trying to create commotion
as if some immediate danger was hanging above our enterprise LANs.


*sigh*


--Ariel

> -S
>
> On Mon, 29 Mar 2004, Henry Linneweh wrote:
>
> > Cisco warns of new hacking toolkit
> > http://www.infoworld.com/article/04/03/29/HNhackingtoolkit_1.html
> >
> > exploit location
> > http://www.blackangels.it/
> >
> > -Henry
> >
> >
> >
> > !DSPAM:4068933e94641474817789!
>
> --
> Scott Call    Router Geek, ATGi, home of$6.95 Prime Rib
> I make the world a better place, I boycott Wal-Mart
> VoIP incoming: +1 360-382-1814
>
>
>  +++++++++++++++++++++++++++++++++++++++++++
>  This Mail Was Scanned By Mail-seCure System
>  at the Tel-Aviv University CC.

--
Ariel Biener
e-mail: ariel () post tau ac il
PGP(6.5.8) public key http://www.tau.ac.il/~ariel/pgp.html