29 Jul
2005
29 Jul
'05
12:08 a.m.
I suspect there was something slightly more than just giving information about the vulnerabilities.. the inference is that they demonstrated executing arbitrary code from buffer overflows.. perhaps for example they developed ways of opening up privilege vty which I dont think has been shown before
we can suspect a lot of things. but, as long as information is suppressed, all we can do is suspect and be victims of those who have the time to develop exploits. this is why open disclosure is soooo important. security through obscurity is a well-known failure mode. randy