|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: "Cisco gate" - Payload Versus Vector
On Tue, 2 Aug 2005, Randy Bush wrote: > even without stiffling the heap check via crashing_already (i.e. a > 'fix' is developed for that weakness), is the 30-60 second window > sufficient to do serious operational damage. i.e. what could an > attacker do with a code injection with a mean life as short as > 15-30 seconds? change the passwords and write to nvram, and come back later? -Dan
|