----- Original Message ----- From: "J. Oquendo" <sil@politrix.org> To: <nanog@nanog.org> Sent: Monday, September 19, 2005 10:23 AM Subject: IOS exploit
"Supposedly"/"Allegedly"/"Theoretically", rumor mill has it that a worm exploit of sorts has been published. My Russian is so so, not good enough to make sense it a majority of what was posted. A translation made me want to yank my hair out.
i'll help with the translation :) On Sept 9, Andrey Vladimirov (aka dr_nicodimus), known as a co-author of the book 'Wi-Foo: The Secrets of Wireless Hacking', published information about the end [result] of a "brainstorm session" aimed at [developing ways of] exploiting vulnerabilities in software running on Cisco products. This research has led to the development of techniques which can be used to inject executable code into Cisco IOS as well as to write exploits and shellcode for this platform. Methods of implementing a cross-platform worm targetting IOS have also been developed. A plethora of vulnerabilities have been discovered in the "firmware" implementation of the routing protocol EIGRP. As a demonstration, an attack from one Cisco aimed at another was successful in launching an irc server on the target. --- not translating the rest, since it's largely non-technical and contains a derogatory reference to coders in a certain asian country. --- -p --- paul galynin