Cisco cover up

Scott Altman staltman at gmail.com
Thu Jul 28 18:34:15 UTC 2005


On Thu, 28 Jul 2005, Mark Owen wrote:
> Cisco had the exploit fixed in April and no longer offers the exploitable OS for download on their site.

To summarize a couple points:
1. Cisco fixes exploit in April
2. IOS Simplification occurs in April, effectively removing all old
versions of code from their website.
3. IOS Simplication is explained (in macro terms) as a way to help
customers navigate available versions; in micro terms, they were
helping their litigation issues around NetFlow Acceleration

So... did IOS simplification also give them a convienent /
coincidental method of patching the vuln. that Lynn used in his
exploit presentation?  Or to put in another way:  What else got fixed
with IOS Simplification that we don't know about.

One could speculate that the events listed above lead you to a good
stake in the ground as to whether or not your code is vulnerable, if
it's currently downloadable... it must be good!  <snicker>

Another observation:  Given the audience of Black Hat (well-connected
network types with a penchant for distributing information ahead of
the curve) why is there so little factual information about what was
presented?

 - Scott



More information about the NANOG mailing list