lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050811102130.GD2384@starhacker.org>
Date: Thu, 11 Aug 2005 12:21:30 +0200
From: FX <fx@...noelit.de>
To: full-disclosure@...ts.grok.org.uk, news@...uriteam.com,
	vuln@...unia.com, bugtraq@...urityfocus.com
Cc: abaddon@...com
Subject: ISS vs. Cisco: Chapter 2


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear list reader,

this morning I found to my complete surprise the following email in my inbox,
which sheds some light from a different angle on the whole ISS and Cisco
story:

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

FX,

I heard you have got shell code working against IOS.  Can you share
any details, or provide the code? 

Thanks,

Chris


- - --------------------------------------------------------------
Chris Rouland
CTO
Internet Security Systems, Inc.
http://xforce.iss.net
crouland@....net  

- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBQvpqDd/TKefTUYbMEQJ2FACg6qOo57klGccK7GEu7KIB2t6ZXQMAoKv8
tYeVt00aKfZ6eLDGTEIcPhG4
=B6fL
- -----END PGP SIGNATURE-----

The inclined reader may verify Mr. Rouland's signature using his key:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD35186CC

I appreciate Mr. Rouland acknowledges the work Phenoelit has done 
on Cisco IOS and actually realises that Michael Lynn build on this work
for his exploit, while the actual shellcode was entirely different from 
codes we were using. 

According to various sources, Michael Lynn was supposed to give copies 
of his hard drive content to ISS and Cisco
(http://blogs.washingtonpost.com/securityfix/2005/07/ciscogate_updat.html),
which leaves the question why ISS needs our shellcodes.

Mr. Rouland, the information you are looking for is posted at
http://www.phenoelit.de/ultimaratio/index.html since 2002 and was 
presented at the BlackHat USA Briefings in the same year:
http://www.blackhat.com/html/bh-usa-02/bh-usa-02-speakers.html#FX

Phenoelit continues to look for and find bugs in Cisco IOS. We will also
continue our excellent relationship to the people at PSIRT to help fixing
these vulnerabilities and may release advisories covering those when, and 
only when the respective fixes are available, tested and released by Cisco.

I leave the ethical aspects of this request by ISS for the consideration 
of the inclined reader.

cheers
FX

- -- 
         FX           <fx@...noelit.de>
      Phenoelit   (http://www.phenoelit.de)
672D 64B2 DE42 FCF7 8A5E E43B C0C1 A242 6D63 B564
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFC+yaqwMGiQm1jtWQRAsAYAKCKT3H7cBkGwkcL0qdUEr1LKLt+9wCgobou
eGVJIm5dz5Hb3jlHMxDun6Y=
=mgeG
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ