Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-disclosure] RE: Getting a clue at Cisco
From: Sam Evans (wintrmtegmail.com)
Date: Mon Aug 01 2005 - 14:52:16 CDT
Just curious -- if the April patch fixed the vulnerability discussed, then
that would mean (according to Cisco) that the vulnerability affected IPV6
and not IPV4, correct?
On 8/1/05, byte_jump <bytejumpgmail.com> wrote:
> In my opinion, probably the grossest error made by Cisco in all of
> this was silently patching their IOS back in April. Anyone who's ever
> used Cisco's software knows that you can never run the latest release,
> unless you want things to break, and break badly. As a result, how
> many organizations were at the latest, patched IOS release as of
> BlackHat? Not many, I'd wager. If, however, Cisco had come clean and
> told everyone that there is a serious problem in their IOS and
> exploitation is being actively researched by Chinese hacker groups,
> you'd see a lot more uptake of that April IOS release. Instead, Cisco
> hangs their customers out to dry.
> Shameful, just shameful.
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/