Re: Cisco cover up

2005-07-28 Thread Randy Bush
> I suspect there was something slightly more than just giving information > about the vulnerabilities.. the inference is that they demonstrated > executing arbitrary code from buffer overflows.. perhaps for example they > developed ways of opening up privilege vty which I don't think has been > sh

RE: Cisco cover up

2005-07-28 Thread James Edwards
On Thu, 2005-07-28 at 12:58, Robert Crowe wrote: > This has nothing to do with the recent events. > > > - RC > james edwards wrote: > > I am not sure if this is the correct doc, but it is recent (April/May 05) > and does indicate what IOS versions are being dropped and what IOS one > should

Re: Cisco cover up

2005-07-28 Thread Jared Mauch
On Thu, Jul 28, 2005 at 01:34:15PM -0500, Scott Altman wrote: > > On Thu, 28 Jul 2005, Mark Owen wrote: > > Cisco had the exploit fixed in April and no longer offers the exploitable > > OS for download on their site. > > To summarize a couple points: > 1. Cisco fixes exploit in April > 2. IOS S

Re: Cisco cover up

2005-07-28 Thread Stephen Sprunk
Thus spake "Mikael Abrahamsson" <[EMAIL PROTECTED]> On Thu, 28 Jul 2005, Mark Owen wrote: Cisco had the exploit fixed in April and no longer offers the exploitable OS for download on their site. And the list of vulnerable IOS versions is where? I don't care exactly what the exploit is b

RE: Cisco cover up

2005-07-28 Thread Robert Crowe
This has nothing to do with the recent events. - RC -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of james edwards Sent: Thursday, July 28, 2005 2:26 PM To: Mikael Abrahamsson; [EMAIL PROTECTED] Subject: Re: Cisco cover up > > And the l

Re: Cisco cover up

2005-07-28 Thread Scott Altman
On Thu, 28 Jul 2005, Mark Owen wrote: > Cisco had the exploit fixed in April and no longer offers the exploitable OS > for download on their site. To summarize a couple points: 1. Cisco fixes exploit in April 2. IOS Simplification occurs in April, effectively removing all old versions of code fr

Re: Cisco cover up

2005-07-28 Thread james edwards
> > And the list of vulnerable IOS versions is where? I am not sure if this is the correct doc, but it is recent (April/May 05) and does indicate what IOS versions are being dropped and what IOS one should migrate to. http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps5187/prod_bulle

Re: Cisco cover up

2005-07-28 Thread Florian Weimer
* James Baldwin: > On Jul 28, 2005, at 1:50 PM, Joseph S D Yao wrote: > >> Given that it was clear that Lynn had NDA access to the Cisco >> source code already, it seems pretty clear that the original poster >> wasn't even speculating that he had stolen it, but to potential >> exploiters' having

Re: Cisco cover up

2005-07-28 Thread Joseph S D Yao
On Thu, Jul 28, 2005 at 02:04:28PM -0400, James Baldwin wrote: > On Jul 28, 2005, at 1:50 PM, Joseph S D Yao wrote: > > >Given that it was clear that Lynn had NDA access to the Cisco source > >code already, it seems pretty clear that the original poster wasn't > >even > >speculating that he had

Re: Cisco cover up

2005-07-28 Thread Chris Adams
Once upon a time, Mark Owen <[EMAIL PROTECTED]> said: > Cisco had the exploit fixed in April and no longer offers the > exploitable OS for download on their site. But which versions are vulnerable? I don't just go upgrade my IOS at random, hoping to fix unknown bugs (while introducing additional

Re: Cisco cover up

2005-07-28 Thread James Baldwin
On Jul 28, 2005, at 1:50 PM, Joseph S D Yao wrote: Given that it was clear that Lynn had NDA access to the Cisco source code already, it seems pretty clear that the original poster wasn't even speculating that he had stolen it, but to potential exploiters' having done so. Eh? Lynn did not

Re: Cisco cover up

2005-07-28 Thread Joseph S D Yao
On Wed, Jul 27, 2005 at 04:14:30PM -0500, Olsen, Jason wrote: > From: James Baldwin > > This had _nothing_ to do with the source code that was > > stolen. I have dealt with Lynn professionally on many > > occasions and he has shown himself to have more than a fair > > share of integrity. It is

Re: Cisco cover up

2005-07-28 Thread Mikael Abrahamsson
On Thu, 28 Jul 2005, Mark Owen wrote: Cisco had the exploit fixed in April and no longer offers the exploitable OS for download on their site. And the list of vulnerable IOS versions is where? I don't care exactly what the exploit is but I want to know the risks involved and what versio

Re: Cisco cover up

2005-07-28 Thread Mark Owen
On 7/27/05, J. Oquendo <[EMAIL PROTECTED]> wrote: > Complete PR disaster? Maybe they're still working on the fix and didn't > want those on the blackhat scene to have a glimpse of how they intended on > fixing things. I wonder if this has exploit_foo_bar has anything to do > with their code being

Re: Cisco cover up

2005-07-28 Thread Stephen J. Wilcox
On Wed, 27 Jul 2005, James Baldwin wrote: > Cisco had initially approved this talk. My understanding is that this has been > fixed and no current IOS images were vulnerable to the techniques he was > describing. ISS, Lynn, and Cisco had been working together for months on this > issue before the

RE: Cisco cover up

2005-07-27 Thread Olsen, Jason
From: James Baldwin > This had _nothing_ to do with the source code that was > stolen. I have dealt with Lynn professionally on many > occasions and he has shown himself to have more than a fair > share of integrity. It is uncalled for to take two disparate > events and place them together in

Re: Cisco cover up

2005-07-27 Thread James Baldwin
On Jul 27, 2005, at 4:48 PM, J. Oquendo wrote: On Wed, 27 Jul 2005, Dan Hollis wrote: This is looking like a complete PR disaster for cisco. They would have been better off allowing the talk to take place, and actually fixing the holes rather than wasting money on a small army of razorblad

Cisco cover up

2005-07-27 Thread J. Oquendo
On Wed, 27 Jul 2005, Dan Hollis wrote: > > This is looking like a complete PR disaster for cisco. They would have > been better off allowing the talk to take place, and actually fixing the > holes rather than wasting money on a small army of razorblade-equipped > censors. > > -Dan Complete PR d