nanog mailing list archives
RE: Cisco IOS Exploit Cover Up
From: "Buhrmaster, Gary" <gtb () slac stanford edu>
Date: Thu, 28 Jul 2005 08:14:13 -0700
The video *might* be available on the Washington Post later today.
From http://netsec.blogspot.com/
"Michael Lynn's "The Holy Grail: Cisco Shellcode and Remote Execution" presentation blew the doors off of Caesar's Palace Today with a full shell code exec capabilities for nearly ANY Cisco vulnerability. If your organization hasn't updated any Cisco IOS-based devices lately, the devices may be under someone else's control. The story from Michael Lynn proceed like this: He discovered clues that there was an issue being exploited when reading translated Chinese hacker sites that alluded to the issue. It was likely discovered after the theft of the Cisco Source code in May 2004 which was itself part of a larger series of intrusions. Upon further research leading to the development of working proo-of-concept code, he and his former employer ISS notified Cisco. Cisco patched the issue silently in April but never issued an advisory as to the seriousness of the issue. Cisco has since pulled all older, vulnerable versions of IOS from it's web site. After discovering that ISS was allow Lynn to present on the issue, Cisco CEO John Chambers attempted to censor the issue. When ISS stood it's ground, John Chambers requested that the US Government intervene as a matter of national security to no apparent avail. The popular press is starting to pick up on the issue now and I hear rumour that Michael's presentation MIGHT be made available in video via the Washington Post web site tomorrow."
-----Original Message----- From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of Network Fortius Sent: Wednesday, July 27, 2005 6:39 PM To: nanog () merit edu Subject: Re: Cisco IOS Exploit Cover Up I have been searching the net since this morning, for "The Holy Grail: Cisco IOS Shellcode Remote Execution", or variations of such. This seems to be - at the moment - the most thought after torrent ... Stef Network Fortius, LLC On Jul 27, 2005, at 8:13 PM, Daniel Golding wrote:Since the talk was actually delivered - does anyone have a transcript or a torrent for audio/video? - Dan On 7/27/05 8:10 PM, "Jeff Kell" <jeff-kell () utc edu> wrote:Cisco's response thus far: http://www.cisco.com/en/US/about/security/intelligence/ MySDN_CiscoIOS.html Jeff
Current thread:
- RE: Cisco IOS Exploit Cover Up, (continued)
- RE: Cisco IOS Exploit Cover Up Christopher L. Morrow (Jul 28)
- Re: Cisco IOS Exploit Cover Up John Forrister (Jul 29)
- Re: Cisco IOS Exploit Cover Up David Barak (Jul 29)
- Re: Cisco IOS Exploit Cover Up Scott Whyte (Jul 29)
- RE: Cisco IOS Exploit Cover Up Scott Morris (Jul 29)
- RE: Cisco IOS Exploit Cover Up David Barak (Jul 29)
- Re: Cisco IOS Exploit Cover Up Janet Sullivan (Jul 29)
- Re: Cisco IOS Exploit Cover Up Chris Adams (Jul 29)
- Re: Cisco IOS Exploit Cover Up Valdis . Kletnieks (Jul 29)
- Re: Cisco IOS Exploit Cover Up Suresh Ramasubramanian (Jul 30)
- Re: Cisco IOS Exploit Cover Up Hyunseog Ryu (Jul 28)
- Re: Cisco IOS Exploit Cover Up Petri Helenius (Jul 29)
- Re: Cisco IOS Exploit Cover Up Stephen Fulton (Jul 29)
- Re: Cisco IOS Exploit Cover Up Christopher L. Morrow (Jul 30)
- Re: Cisco IOS Exploit Cover Up Petri Helenius (Jul 30)