Cisco IOS Exploit Cover Up
Buhrmaster, Gary
gtb at slac.stanford.edu
Thu Jul 28 15:14:13 UTC 2005
The video *might* be available on the Washington Post later today.
>From http://netsec.blogspot.com/
"Michael Lynn's "The Holy Grail: Cisco Shellcode and Remote Execution"
presentation blew the doors off of Caesar's Palace Today with a full
shell code exec capabilities for nearly ANY Cisco vulnerability. If
your organization hasn't updated any Cisco IOS-based devices lately,
the devices may be under someone else's control.
The story from Michael Lynn proceed like this: He discovered clues
that there was an issue being exploited when reading translated
Chinese hacker sites that alluded to the issue. It was likely
discovered after the theft of the Cisco Source code in May 2004
which was itself part of a larger series of intrusions. Upon further
research leading to the development of working proo-of-concept code,
he and his former employer ISS notified Cisco. Cisco patched the
issue silently in April but never issued an advisory as to the
seriousness of the issue. Cisco has since pulled all older, vulnerable
versions of IOS from it's web site. After discovering that ISS was
allow Lynn to present on the issue, Cisco CEO John Chambers attempted
to censor the issue. When ISS stood it's ground, John Chambers
requested that the US Government intervene as a matter of national
security to no apparent avail.
The popular press is starting to pick up on the issue now and I hear
rumour that Michael's presentation MIGHT be made available in video
via the Washington Post web site tomorrow."
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On
> Behalf Of Network Fortius
> Sent: Wednesday, July 27, 2005 6:39 PM
> To: nanog at merit.edu
> Subject: Re: Cisco IOS Exploit Cover Up
>
>
> I have been searching the net since this morning, for "The Holy
> Grail: Cisco IOS Shellcode Remote Execution", or variations of such.
> This seems to be - at the moment - the most thought after torrent ...
>
> Stef
> Network Fortius, LLC
>
> On Jul 27, 2005, at 8:13 PM, Daniel Golding wrote:
>
> >
> >
> > Since the talk was actually delivered - does anyone have a
> > transcript or a
> > torrent for audio/video?
> >
> > - Dan
> >
> > On 7/27/05 8:10 PM, "Jeff Kell" <jeff-kell at utc.edu> wrote:
> >
> >
> >>
> >> Cisco's response thus far:
> >>
> >> http://www.cisco.com/en/US/about/security/intelligence/
> >> MySDN_CiscoIOS.html
> >>
> >> Jeff
> >>
> >
> >
> >
> >
>
>
More information about the NANOG
mailing list