Cisco IOS Vulnerability

• Previous message (by thread): Cisco IOS Vulnerability
• Next message (by thread): Cisco IOS Vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday, Jul 17, 2003, at 15:59 Canada/Eastern, Andy Dills wrote:

> On Thu, 17 Jul 2003, Jack Bates wrote:
>
>> Sendmail root exploit took less than 24 hours to craft. I suspect that
>> this exploit will be found within 48 hours. Enough information was
>> provided to quickly guess where the problem lies with IPv4 processing.
>
> Sendmail is open source, IOS is not.
>
> Knowing where the problem is and knowing how to exploit it are two
> entirely different situations.

If any IOS source code has ever found its way out of cisco since IOS 
10.3 (and surely, that must have happened), then it seems reasonable to 
assume that there are people in the world currently comparing the 
advisory to the source.


Joe

• Previous message (by thread): Cisco IOS Vulnerability
• Next message (by thread): Cisco IOS Vulnerability
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]