lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <42EA971D.7060404@brvenik.com> Date: Fri Jul 29 21:52:57 2005 From: security at brvenik.com (Jason) Subject: Cisco IOS Shellcode Presentation > > Second, the exploit is limited to local network segment, except it seems to > me a worm that spreads from router to router could spread via the local > network since a local network segment is usually defined as the wire between > two routers.. Infection would spread from one router to it's peers, to those > peers, etc. (please correct me if I'm wrong) The different local segments are rarely connected via like routers with like images. You might get several local segments but then you have the edges which are almost always a different model. Today it is unlikely that the ipv6 issue could cause wide spread outage since it cannot traverse routers. There may very well be other issues discovered that can traverse routers but they are still unlikely to be successful as a self propagating worm in large scale. It is likely very feasible to infect like systems and even potentially several different systems with a worm but the overhead and timings involved push that reality out a little bit on the threat time line. A nation might have done this work already but I am doubtful they would release it without good cause. The risk goes up significantly when Cisco moves to a virtualized process space since become very likely.
Powered by blists - more mailing lists