[82683] in North American Network Operators' Group
RE: Cisco IOS Exploit Cover Up
daemon@ATHENA.MIT.EDU (Hannigan, Martin)
Wed Jul 27 15:34:36 2005
Date: Wed, 27 Jul 2005 15:33:44 -0400
From: "Hannigan, Martin" <hannigan@verisign.com>
To: "James Baldwin" <jbaldwin@antinode.net>, <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
>=20
>=20
> For those who like to keep abreast of security issues, there are =20
> interesting developments happening at BlackHat with regards to Cisco =20
> IOS and its vulnerability to arbitrary code executions.
>=20
> I apologize for the article itself being brief and lean on technical =20
> details, but allow me to say that it does represent a real problem =20
> (as in practical and confirmed):
>=20
> http://blogs.washingtonpost.com/securityfix/2005/07/mending_a_
> hole_.html
>=20
Yes, practical _and_ confirmed, but you'll never get $vendor to=20
admit it, which is the problem to begin with.=20
=20
-M<
