[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

To: "Gaus" <gaus@xxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
From: "Halvar Flake" <halvar.flake@xxxxxxxxxxxxxxxxxx>
Date: Thu, 11 Oct 2007 21:25:05 +0200

So in short, they are demonstrating that

* IF you have console access
* AND the enable password
* AND you enable the debugger

you can execute code ?

So all in all, it's a complete non-issue ?

Cheers,
Halvar

Follow-Ups:
- RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
  - From: Andy Davis
- Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
  - From: Florian Weimer

References:
- Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
  - From: Damir Rajnovic

Prev by Date: Re: Remote Desktop Command Fixation Attacks
Next by Date: ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability
Previous by thread: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
Next by thread: RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
Index(es):
- Date
- Thread