Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Cisco :: tb12906.htm

Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques



Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques




--yEPQxsgoJgBvi8ip
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hello,

Cisco PSIRT is aware of the three videos IRM Plc. published on their
web site at . 
  
Cisco and IRM agree that the videos do not demonstrate or represent a
vulnerability in Cisco IOS.  Specifically, the code to manipulate
Cisco IOS could be inserted only under the following conditions:
                
- Usage of the debugger functionality present in IOS
                            
- Having physical access to the device
                                          
- Already logged in at the highest privilege level on the device.
               
IRM approached Cisco PSIRT with this information prior to its public
release and Cisco has confirmed the information provided is a
proof-of-concept that third party code could be inserted under these
specific conditions.

Regards,

Gaus

=============Damir Rajnovic , PSIRT Incident Manager, Cisco Systems 
 Telephone: +44 7715 546 033 
200 Longwater Avenue, Green Park, Reading, Berkshire RG2 6GB, GB
=============There are no insolvable problems. 
The question is can you accept the solution? 

--yEPQxsgoJgBvi8ip
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)

iD8DBQFHDLHz8NUAbBmDaxQRAly/AJsGBSdnSVUeVvLmbM/wgq93w7d68ACgjQem
Pl0BqLrdWvvU5KZ/jUCRC0g=moHz
-----END PGP SIGNATURE-----

--yEPQxsgoJgBvi8ip--


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH