[82714] in North American Network Operators' Group
Re: Cisco cover up
daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Thu Jul 28 11:15:21 2005
Date: Thu, 28 Jul 2005 15:43:46 +0100 (BST)
From: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
To: James Baldwin <jbaldwin@antinode.net>
Cc: "J. Oquendo" <sil@politrix.org>, <nanog@nanog.org>
In-Reply-To: <81BCAB3F-9406-4E63-956C-65DDEFD7EA9A@antinode.net>
Errors-To: owner-nanog@merit.edu
On Wed, 27 Jul 2005, James Baldwin wrote:
> Cisco had initially approved this talk. My understanding is that this has been
> fixed and no current IOS images were vulnerable to the techniques he was
> describing. ISS, Lynn, and Cisco had been working together for months on this
> issue before the talk.
Just because they fixed the bugs doesnt mean there arent a large number of
publically accessible routers out there still running affected versions..
I suspect there was something slightly more than just giving information about
the vulnerabilities.. the inference is that they demonstrated executing
arbitrary code from buffer overflows.. perhaps for example they developed ways
of opening up privilege vty which I dont think has been shown before
Steve
