| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Oct 2007 10:55:54 +0100
From: "Andy Davis" <andy.davis@...plc.com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: IRM Demonstrates Multiple Cisco IOS Exploitation
Techniques
In August 2005 at Black Hat Las Vegas, Michael Lynn delivered his
infamous presentation entitled "Cisco IOS Shellcode and Exploitation
Techniques". For the first time ever, remote exploitation of Cisco IOS
was publicly demonstrated using shellcode that spawned a connect-back or
"reverse" shell. His shellcode was never released outside Cisco.
Over the last few months IRM have been researching the security of Cisco
IOS which has resulted in the discovery of a series of serious security
vulnerabilities (including three new stack overflows). Advisories and
associated IOS patches will be released over the coming months, starting
with the first - a co-ordinated release between IRM and Cisco at 12:00
EST today (http://www.irmplc.com/index.php/107-Advisories)
During the research, three shellcode payloads for IOS exploits were
developed - a "reverse" shell, a password-protected "bind" shell and
another "bind" shell that is achieved using only two 1-byte memory
overwrites. IRM have produced videos demonstrating each of these
payloads in action within a development environment. They can be viewed
here:
http://www.irmplc.com/index.php/153-Embedded-Systems-Security
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists