[scg-sec] blackhat presentation
Smith, Donald
Donald.Smith at qwest.com
Fri Jul 29 14:43:42 EDT 2005
I should have included this with my original posting.
Near the bottom Cisco cites a July 27th release of this information at
BlackHat.
Here is the psirt for the ipv6 issue used by Mike Lynn to compromise the
Cisco router during his presentation.
http://www.cisco.com/en/US/products/products_security_advisory09186a0080
4d82c9.shtml
>From people I talked to AT BlackHat. Mr. Lynn did NOT reveal this
vulnerably during his talk.
He did not reveal the specifics of how to reverse engineer a dump to
give you jump points.
He did talk though this paper but left out several specifics that are
included in the paper.
This is Don's PURE speculation. There will not be a router worm that
spreads from router to router. That is too hard.
They will be a router worm that spreads from pc to pc but once it finds
a router attempts to do a remote code execution, owning the router,
reporting into the bot controller, enabling MITM attacks.
Donald.Smith at qwest.com giac
> -----Original Message-----
> From: scg-sec-bounces at puck.nether.net
> [mailto:scg-sec-bounces at puck.nether.net] On Behalf Of Smith, Donald
> Sent: Friday, July 29, 2005 10:47 AM
> To: scg-sec at puck.nether.net
> Subject: [scg-sec] blackhat presentation
>
>
> This presentation is being posted all over the place so you
> may want to take a look at it. Mike Lynn didn't make it
> trivial to exploit routers with this presentation but he did
> make it easier to run code remotely given a vulnerability.
>
http://www.security-protocols.com/whitepapers/lynn-cisco.pdf
Donald.Smith at qwest.com giac
_______________________________________________
scg-sec mailing list
scg-sec at puck.nether.net https://puck.nether.net/mailman/listinfo/scg-sec
More information about the scg-sec
mailing list