Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: More Cisco/Blackhat SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
More Cisco/Blackhat

Cisco/Blackhat



We did receive quite a bit of input about Michael Lynn's presentation about the
Cisco flaws. Beyond what was reported in the press, we have nothing new/different
to add. It looks like things will move to the courts.

The quick summary: Michael Lynn talked about how to better exploit known
flaws in Cisco IOS. He did not talk about any new / 0 day vulnerability. However,
with his work it could be easier to write exploit code that will change router
settings or run arbitrary code. Most of these techniques have been discussed before, but the presentation put a lot of them in an easier to understand content.

What does it mean for companies running Cisco equipment: Patch. It is possible that some flaws, which where considered 'DOS only' flaws at this point, can be
used to execute code on the router. Cisco routers may attrack more attention
as a result of the presentation (not like they got left out of the games so far).

So again: Nothing fundamentally new, but a new quality of exploitation. At this point, its more of a legal issue then a technical issue.

Some links that go into more detail about the affair:

http://blogs.washingtonpost.com/securityfix/

http://www.securityfocus.com/news/11259
Feel free to voice your opinion in our , but keep it civil (the forum is moderated, and now email addresses are obfuscated).

Windows Genuine Advantage update


Update to windows genuine advantage.
One reader pointed out that despite microsoft's asserting to the contrary this "patch" could be backed out. I won't be providing the details. Donald Smith
Handlers

76 Posts
Jul 28th 2005

Sign Up for Free or Log In to start participating in the conversation!