| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e9d9d4020710231131o5bb97441v1c5a9648e40f5a9b@mail.gmail.com> Date: Tue, 23 Oct 2007 13:31:52 -0500 From: reepex <reepex@...il.com> To: "Andy Davis" <andy.davis@...plc.com>, full-disclosure@...ts.grok.org.uk Subject: Re: IRM Discover More Vulnerabilities in Cisco IOS ---- Bug 1: "The Line Printer Daemon, which provides print server functionality in Cisco IOS is vulnerable to a software flaw whereby the length of the hostname of the router is not checked before being copied into a fixed size memory buffer. ..... However, the attacker must be able to control the hostname of the router, which could be achieved via SNMP." Ok... so for this "remote" attack the victim would need a badly configured snmp listening public... ok pdp architect --- Bug 2: Cisco say its cross-site scripting Ok you are still stealing pdp architect's research --- Bug 3-7,10-15 "Local" attacks on a cisco - lulz Not even pdp would go this low --- Bug 8,9: no info - im sure its elite though Having a bug but releasing no info - sounds like drraid and pdp architec to me ----- so basically you found a bunch of local bugs in ciscos and a bug if you can control snmp - way to go - your "grep -r strcpy *" skills are quiet strong. Eeye and idefense would glady hire you. Do you wonder why you found 12 bugs and get no press but michael lynn finds a couple and cisco is throwing lawyers and lawsuits at him? --- its probably because his mattered and yours are a joke - just like you and your company. On 10/23/07, Andy Davis <andy.davis@...plc.com> wrote: > In the last three months IRM has discovered a total of 13 new security > vulnerabilities in Cisco IOS. These vulnerabilities were reported to > Cisco and have all been allocated PSIRT reference numbers while the root > cause and potential impact of each is investigated. Cisco has taken all > the vulnerability reports extremely seriously and has already started > releasing patches and workarounds to mitigate them (e.g. > http://www.cisco.com/warp/public/707/cisco-sr-20071010-lpd.shtml). As > the remaining patches or workarounds are developed, IRM will release > security advisories, which will include full technical details of each > vulnerability and links to patch download information. > > More information about the new vulnerabilities discovered is available > here: > > http://www.irmplc.com/index.php/111-Vendor-Alerts > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists