Cisco/Blackhat

We did receive quite a bit of input about Michael Lynn's presentation about the Cisco flaws. Beyond what was reported in the press, we have nothing new or different to add. It looks like things will move to the courts.

The quick summary: Michael Lynn talked about how to better exploit known flaws in Cisco IOS. He did not talk about any new or 0-day vulnerability. However, his work could make it easier to write exploit code that changes router settings or runs arbitrary code. Most of these techniques have been discussed before, but the presentation put many of them in a form that is easier to understand.

What does it mean for companies running Cisco equipment? Patch. It is possible that some flaws which were considered 'DoS only' flaws up to this point can be used to execute code on the router. Cisco routers may attract more attention as a result of the presentation (not that they were left out of the games so far).

So again: nothing fundamentally new, but a new quality of exploitation. At this point, it's more of a legal issue than a technical issue.

Some links that go into more detail about the affair:

http://blogs.washingtonpost.com/securityfix/
http://www.securityfocus.com/news/11259

Feel free to voice your opinion in our forum, but keep it civil (the forum is moderated, and now email addresses are obfuscated).

Windows Genuine Advantage update

Update to Windows Genuine Advantage. One reader pointed out that, despite Microsoft's assertions to the contrary, this "patch" could be backed out. I won't be providing the details.

Donald Smith
Jul 28th 2005