[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Cisco Security Advisory: Cisco VPN3000Concentrator Vulnerable to Crafted HTTP Attack

To: "Dario Ciccarone (dciccaro)" <dciccaro@xxxxxxxxx>
Subject: Re: [Full-disclosure] Cisco Security Advisory: Cisco VPN3000Concentrator Vulnerable to Crafted HTTP Attack
From: Dude VanWinkle <dudevanwinkle@xxxxxxxxx>
Date: Sun, 29 Jan 2006 23:58:34 -0500

On 1/26/06, Dario Ciccarone (dciccaro) <dciccaro@xxxxxxxxx> wrote:

>
>         So, in closing, you are not 'plain out of luck' - there is a
> process in place for you to be able to obtain a fixed software release,
> for free, even without a service contract.

Soooo, if we find enough flaws in IOS versions that just cant be fixed
by a patch, and must be addressed by upgrading to the current build,
then no one will need the service contract... right? =P

-JP
"Get cracking"
-JP
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- RE: [Full-disclosure] Cisco Security Advisory: Cisco VPN3000Concentrator Vulnerable to Crafted HTTP Attack
  - From: Dario Ciccarone \(dciccaro\)

Prev by Date: Re: [Full-disclosure] [ GLSA 200601-15 ] Paros: Default administrator password
Next by Date: [Full-disclosure] AOL Instant Messenger 5.9.3861 Local Buffer Overrun Vulnerability
Previous by thread: RE: [Full-disclosure] Cisco Security Advisory: Cisco VPN3000Concentrator Vulnerable to Crafted HTTP Attack
Next by thread: [Full-disclosure] [ GLSA 200601-13 ] Gallery: Cross-site scripting vulnerability
Index(es):
- Date
- Thread