Cisco cover up
Randy Bush
randy at psg.com
Fri Jul 29 00:08:21 UTC 2005
> I suspect there was something slightly more than just giving information
> about the vulnerabilities.. the inference is that they demonstrated
> executing arbitrary code from buffer overflows.. perhaps for example they
> developed ways of opening up privilege vty which I dont think has been
> shown before
we can suspect a lot of things. but, as long as information is
suppressed, all we can do is suspect and be victims of those who
have the time to develop exploits. this is why open disclosure
is soooo important. security through obscurity is a well-known
failure mode.
randy
More information about the NANOG
mailing list