| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050730105209.22607.qmail@paddy.troja.mff.cuni.cz> Date: Sat Jul 30 11:51:58 2005 From: peak at argo.troja.mff.cuni.cz (Pavel Kankovsky) Subject: Cisco IOS Shellcode Presentation On Fri, 29 Jul 2005, Frank Knobbe wrote: > That means that the once thought-to-be-invulnerable boxes running IOS > are in fact as vulnerable as a Windows boxes. Once you get process > control, you can do whatever you like. Hmm...the fact Cisco uses general purpose CPUs (e.g. PowerPC 4xx) in their box has been shamelessly announced by "show version" for years. Perhaps they should sue themselves? The presentation is nice but it does not reveal nothing you cannot find out yourself with a Cisco box to play with and a little bit of ingenuity. But I can understand why they make so much fuss about it. Lynn told the people the emperor wears no clothes. Emperors always freak out whan it happens. > (What is TCB anyway? Certainly not Trusted Computing Base :) No. It's Transmission Control Block. See RFC 793 "Transmission Control Protocol". "I don't know what this stands for, and neither did the people at Cisco I spoke with", esp. the 2nd part, is something I find rather unbelievable. Perhaps Lynn did not talk to the right people at Cisco. Or perhaps Cisco has already finished its transformation to the modern kind of bussines and got rid of anyone with a clue? --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Powered by blists - more mailing lists