| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <301356f5050801125272257ec2@mail.gmail.com> Date: Mon Aug 1 20:52:24 2005 From: wintrmte at gmail.com (Sam Evans) Subject: RE: Getting a clue at Cisco Just curious -- if the April patch fixed the vulnerability discussed, then that would mean (according to Cisco) that the vulnerability affected IPV6 and not IPV4, correct? On 8/1/05, byte_jump <bytejump@...il.com> wrote: > > In my opinion, probably the grossest error made by Cisco in all of > this was silently patching their IOS back in April. Anyone who's ever > used Cisco's software knows that you can never run the latest release, > unless you want things to break, and break badly. As a result, how > many organizations were at the latest, patched IOS release as of > BlackHat? Not many, I'd wager. If, however, Cisco had come clean and > told everyone that there is a serious problem in their IOS and > exploitation is being actively researched by Chinese hacker groups, > you'd see a lot more uptake of that April IOS release. Instead, Cisco > hangs their customers out to dry. > > Shameful, just shameful. > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050801/40aa7ee1/attachment.html
Powered by blists - more mailing lists