North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cisco IOS Exploit Cover Up

  • From: Florian Weimer
  • Date: Thu Jul 28 10:24:09 2005

* James Baldwin:

> A fix had been generated with the vendor and it was time that the
> information to become public so network operators understood that
> the remote execution empty world we had lived in until now was over.

Huh?  Remote code injection exploits on Cisco routers have been
demonstrated before, haven't they?  Previous ones were rather fragile,
and the amount of knowledge and experimentation needed was rather
high.  Actually, this is the type of exploit I would expect to be
unavailable to the general public (read: network operators) for a
long, long time.

If there was a perception in the community that remote code injection
exploits were a non-issue on routers, then this incident was long
overdue, and Cisco should be thankful because their customers can
assess risks in a more realistic way.  ISS is probably the real loser
here because these days, their business is based to a large extent on
selling access to relevant strategic information, and dissemination of
any background information reduces the value of their service (or the
exclusiveness of the offerrings, at the least).