[82750] in North American Network Operators' Group
Re: Cisco cover up
daemon@ATHENA.MIT.EDU (Scott Altman)
Thu Jul 28 16:25:22 2005
Date: Thu, 28 Jul 2005 13:34:15 -0500
From: Scott Altman <staltman@gmail.com>
Reply-To: Scott Altman <staltman@gmail.com>
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
On Thu, 28 Jul 2005, Mark Owen wrote:
> Cisco had the exploit fixed in April and no longer offers the exploitable=
OS for download on their site.
To summarize a couple points:
1. Cisco fixes exploit in April
2. IOS Simplification occurs in April, effectively removing all old
versions of code from their website.
3. IOS Simplication is explained (in macro terms) as a way to help
customers navigate available versions; in micro terms, they were
helping their litigation issues around NetFlow Acceleration
So... did IOS simplification also give them a convienent /
coincidental method of patching the vuln. that Lynn used in his
exploit presentation? Or to put in another way: What else got fixed
with IOS Simplification that we don't know about.
One could speculate that the events listed above lead you to a good
stake in the ground as to whether or not your code is vulnerable, if
it's currently downloadable... it must be good! <snicker>
Another observation: Given the audience of Black Hat (well-connected
network types with a penchant for distributing information ahead of
the curve) why is there so little factual information about what was
presented?
- Scott
