lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050729184249.GO12208@jkdt.thrashyour.com> Date: Fri Jul 29 21:23:35 2005 From: jlk at thrashyour.com (John Kinsella) Subject: Cisco IOS Shellcode Presentation Lynn's is not a vulnerability per-se, in my mind, but a way to take a vulnerability and turn it into Something Useful. John On Fri, Jul 29, 2005 at 03:02:38PM -0500, Madison, Marc wrote: > Am I missing something here, because it seems that two vulnerabilities > are being discussed, one is the IPv6 DOS > http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml. And > the other is Lynn presentation on shellcode execution via the IOS? > > -----Original Message----- > From: full-disclosure-bounces@...ts.grok.org.uk > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Geo. > Sent: Friday, July 29, 2005 2:57 PM > To: full-disclosure@...ts.grok.org.uk > Subject: RE: [Full-disclosure] Cisco IOS Shellcode Presentation > > >>Read the advisory a bit closer. Here the relevant lines: > "Products that are not running Cisco IOS are not affected. > Products running any version of Cisco IOS that do not have IPv6 > configured interfaces are not vulnerable." > > Yes, IOS versions that have the fix, or that don't even run IPv6 are not > *vulnerable*. But all IOS versions are *affected* by the *mechanism* he > described. << > > It's acutally a bit worse than that, IPv6 is enabled on all interfaces, > you have to execute "no ipv6 enable" and "no ipv6 address" command on > each interface to disable it. > > Second, the exploit is limited to local network segment, except it seems > to me a worm that spreads from router to router could spread via the > local network since a local network segment is usually defined as the > wire between two routers.. Infection would spread from one router to > it's peers, to those peers, etc. (please correct me if I'm wrong) > > Geo. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists