[83386] in North American Network Operators' Group
Re: Holy Grail
daemon@ATHENA.MIT.EDU (Gadi Evron)
Fri Aug 12 12:58:41 2005
Date: Fri, 12 Aug 2005 19:57:35 +0200
From: Gadi Evron <ge@linuxbox.org>
To: Valdis.Kletnieks@vt.edu
Cc: "J. Oquendo" <sil@politrix.org>, nanog@nanog.org
In-Reply-To: <200508121649.j7CGn2Pw019337@turing-police.cc.vt.edu>
Errors-To: owner-nanog@merit.edu
Valdis.Kletnieks@vt.edu wrote:
> On Fri, 12 Aug 2005 12:33:40 EDT, "J. Oquendo" said:
>
>
>>their equipment. If it's IPv6 based only, and not that big of a threat,
>>then they should see no problem with the information being released.
>
>
> The specific exploit was IPv6 only. The concept that IOS is a sane operating
> system, and that given a vulnerability, you just need to do X and Y and Z in a
> fairly mechanical fashion to make a full blown exploit, is IOS-only.
>
> Cisco is just busy having the same cow that everybody else had on the x86
> platform when Solar Designer wrote "Smashing the Stack for fun and profit",
> because this is basically "Smashing the IOS stack for fun and profit"....
Wasn't that Aleph1?
