Cisco IOS Exploit Cover Up

• Previous message (by thread): Cisco IOS Exploit Cover Up
• Next message (by thread): Cisco IOS Exploit Cover Up
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 28, 2005 at 07:03:31AM -0700, Eric Rescorla wrote:
> 
> Can you or someone else who was there or has some details describe
> what the actual result is and what the fix was? Based on what I've
> been reading, it sounds like Lynn's result was a method for exploiting
> arbitrary new vulnerabilities. Are you saying that this method can't
> be used in future IOS revs? 

As nearly as I can tell from reports (I wasn't there), he (1) talked
about a general way to exploit a buffer overflow to cause arbitrary
code execution (this would apply to buffer overflows generally, but
would be completely useless if you didn't know of a buffer overflow to
exploit), and (2) demonstrated his technique using a previosuly known
buffer overflow vulnerability which Cisco has already patched.

So Cisco is correct in saying that he didn't identifiy any new
vulnerabilities, and Cisco is also correct in saying that the
vulnerability he used in his presentation to demonstrate his technique
has been patched.  However, the same technique will be useful on the
next buffer overflow vulnerability to be discovered.

     -- Brett

• Previous message (by thread): Cisco IOS Exploit Cover Up
• Next message (by thread): Cisco IOS Exploit Cover Up
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]