| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030101234216.GG217@echelon.cluster.phenoelit.de>
From: fx at phenoelit.de (FX)
Subject: DMCA & Source Tree Abuse
> ----- Forwarded message from Jack Ahz <anoncoder@...oo.com> -----
> The latest striking example is this Phrack article entitled "Burning the
> bridge: Cisco IOS exploits" by the german hacker FX. While the author makes
> several bold claims that he relied purely on the powers of the Force to reverse
> engineer IOS internals, it is quite apparent that the coincidence that IOS 11.3
> is the only
> known version to have leaked widely to the computer underground and IOS 11.3 is
> the only version his exploit works on is slim indeed! I'm sure he figured out
> malloc chunk fields such as 'Last deallocation address' purely on his own, just
> by tinkering around on the serial line.
AFAIK, the code that leaked is 11.2. At least, that's what ppl offer.
The information (funny: especially the "Last deallocation address") were taken
from PPT shows known as "Networker" off the public cisco.com site.
And the simple reason for knowing 11.3 best: Got a 11.3 box here and 12.0 is
not vulnerable.
cheers
FX
--
FX <fx@...noelit.de>
Phenoelit (http://www.phenoelit.de)
672D 64B2 DE42 FCF7 8A5E E43B C0C1 A242 6D63 B564
Powered by blists - more mailing lists