Cisco IOS Vulnerability

• Previous message (by thread): Cisco IOS Vulnerability
• Next message (by thread): Cisco IOS Vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 17.07 15:59, Andy Dills wrote:
> Sendmail is open source, IOS is not.
> 
> Knowing where the problem is and knowing how to exploit it are two
> entirely different situations.

You are naive: Security through obscurity has never worked.
You need secrecy if you go down this road; and that is hard to do.

We are extremely lucky that Cisco managed to keep this under wraps for more 
than two months. 

The luck will not stretch to noone having the source code to a version of
IOS with the probelm or the imagination necessary to find it without source. 

Daniel

• Previous message (by thread): Cisco IOS Vulnerability
• Next message (by thread): Cisco IOS Vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]