From: Scott Morris (swm@emanon.com)
Date: Sat Jul 30 2005 - 01:05:22 GMT-3
Only if you are running IPv6. And only if someone is on a locally attached
network...
And only if that person doing so has some really good coding capabilities.
And only when three moons of Jupiter are in perfect alignment. (This is
where the entertainment comes in for weighing statistical POSSIBILITY
against statistical PROBABILITY, especially when it's a vulnerability
created with very specific knowledge that most people don't have.)
It's an interesting presentation all in all, and sure, it's a vulnerability.
But there's more hoopla about the whole PROCESS that happened at Black Hat
than any other part. :) It was a horrible day or two in PR for all
involved.
Check out PSIRT. There's a free IOS upgrade in it even for non-contract
holders (gotta call TAC).
HTH,
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
chon_mon@nym.hush.com
Sent: Friday, July 29, 2005 9:08 PM
To: ccielab@groupstudy.com; security@groupstudy.com
Subject: The Cisco, Black Hat News....
Did anyone catch the news on this particular IOS flaw?
http://cbs2.com/finance/CA--Cisco-SecurityCra-
kf/resources_news_html
Does anyone know which versions have this flaw? Does it affect all Cisco
devices?
Thanks,
Sean
This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:00:32 GMT-3