-----BEGIN PGP SIGNED MESSAGE-----
Other problem people face and im sure others do as well with patching
equipment is "Certs" some devices are cleared for work on set OS lvls.
For instance the new PIX OS code isnt EAL4 cert..
So patching isnt always an option.
Layered defence is the best option I say. That way one weakness can be
removed by a second system.
- -----Original Message-----
From: Kelly Martin [mailto:kel () securityfocus com]
Sent: Thursday, 4 August 2005 10:42 AM
To: ddjjembe 2
Cc: security-basics () securityfocus com
Subject: Re: Mike Lynn released information about a hacking Cisco IOS
ddjjembe 2 wrote:
Last week Mike Lynn released information about a hacking Cisco IOS.
Is there a patch to protect from this vulnerability?
Just keep your routers patched and you'll be safe. He used a very new
technique with an old vulnerability that has already been patched. The
biggest issue is that people aren't used to patching their Cisco routers
because no one has even been able to prove that shellcode can run on IOS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (MingW32)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----