- TalkBack 1 of 8:
- Next »
- Thread View
- Flat View
- Not hackers, sysadmins
-
Hah, so we finally get to see it.
http://cryptome.org/
It's a weakness in Cisco's heap checking & security daemons. He found a buffer overflow, and once he found that overflow, figured out how to defeat their heap checking programs which would otherwise reboot the router.
(They have a flag that tell it your crashing already so don't bother with the heap checker!).
Cisco fixed that particular overflow without fixing the heap checking. Cisco didn't put out an advisory so customers would know to upgrade until this Friday. Instead opting for some deal with ISS. (Nice going Cisco/ISS).
Lynn doesn't reveal the original buffer overflow in this slide show so he doesn't put users at risk.
The heap checker is a side show, if Cisco bounds checked all their buffers (the better option than detecting corruption after the fact), then the heap checker is a bonus, not essential.
Not a good-guy gad-guy situation, everyone comes off bad in that. Also I'm wrong for defending Lynn 100% here yesterday, he could have warned everyone that there was a heap overflow that Cisco had fixed but hadn't disclosed and to upgrade their firmware immediately, and that would have had the positive effect without the negative one. - Posted by: Nigel Johnstone Posted on: 07/31/05 You are currently: a Guest | Members login | Terms of Use
Not hackers, sysadmins
Nigel Johnstone | 07/31/05
|
|
Bullying by big companies
cheverst@... | 07/31/05
|
|
Lynn is a hero.
bjbrock | 07/31/05
|
|
Spell Check
nanohornet | 07/31/05
|
|
typo
csp122 | 07/31/05
|
|
Businesses rally behind Cisco tactic
Boot_Agnostic | 08/01/05
|
|
Bite the hand that feeds you
gsparksjr@... | 08/02/05
|
Don't quit your job. Share it on Emule and Freenet
GreatInca | 12/27/05
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
- The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now
- Busting the myths about QuickBooks Enterprise Solutions and IBM Smart Business IBM So you already know there aren't actually any alligators in the New York ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
-
-
Smart Tech
Expert advice on innovations in healthcare and the green technologies that make it happen.
Find out more
-
Smart Business
Discussion and advice on management issues that revolve around making your world smarter and more useful.
More Smart Advice
-
Smart People
The best and worst moves in the management and strategy trenches.
Learn More
