[83385] in North American Network Operators' Group
Re: Holy Grail
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Fri Aug 12 12:54:25 2005
To: "J. Oquendo" <sil@politrix.org>
Cc: nanog@nanog.org
In-Reply-To: Your message of "Fri, 12 Aug 2005 12:33:40 EDT."
<Pine.GSO.4.58.0508121233050.4763@kungfunix.net>
From: Valdis.Kletnieks@vt.edu
Date: Fri, 12 Aug 2005 12:49:02 -0400
Errors-To: owner-nanog@merit.edu
--==_Exmh_1123865341_3139P
Content-Type: text/plain; charset=us-ascii
On Fri, 12 Aug 2005 12:33:40 EDT, "J. Oquendo" said:
> their equipment. If it's IPv6 based only, and not that big of a threat,
> then they should see no problem with the information being released.
The specific exploit was IPv6 only. The concept that IOS is a sane operating
system, and that given a vulnerability, you just need to do X and Y and Z in a
fairly mechanical fashion to make a full blown exploit, is IOS-only.
Cisco is just busy having the same cow that everybody else had on the x86
platform when Solar Designer wrote "Smashing the Stack for fun and profit",
because this is basically "Smashing the IOS stack for fun and profit"....
--==_Exmh_1123865341_3139P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFC/NL9cC3lWbTT17ARAioKAKCrl8s6Jv9NN7g370S+wDOO6jWhvQCfQiDW
Hc3cci2wtlMO4RzGyfP0sJM=
=yCXB
-----END PGP SIGNATURE-----
--==_Exmh_1123865341_3139P--
