New cisco exploit published in the media today
Cisco warns of new hacking toolkit http://www.infoworld.com/article/04/03/29/HNhackingtoolkit_1.html exploit location http://www.blackangels.it/ -Henry
Forgive the not panicing, but none of the exploits utilized by this tool are new, the newest being a year old, most being 2-3 years old, judging by the dates on the cisco pages. -S On Mon, 29 Mar 2004, Henry Linneweh wrote:
Cisco warns of new hacking toolkit http://www.infoworld.com/article/04/03/29/HNhackingtoolkit_1.html
exploit location http://www.blackangels.it/
-Henry
!DSPAM:4068933e94641474817789!
-- Scott Call Router Geek, ATGi, home of $6.95 Prime Rib I make the world a better place, I boycott Wal-Mart VoIP incoming: +1 360-382-1814
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Scott Call wrote: | Forgive the not panicing, but none of the exploits utilized by this tool | are new, the newest being a year old, most being 2-3 years old, judging by | the dates on the cisco pages. | Yes, but the toolkit and the simplicity with which these exploits can now be executed IS new. This notification serves as a reminder to those who may not have addressed these vulnerabilities in their networks even where there have been fixes for several years. - -- ========= bep -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (MingW32) iD8DBQFAaKNSE1XcgMgrtyYRAgWyAKCebXMbePjRFZVKMeUYpUYc6JE76QCfcEJa PeZKPuual+8U1/90cFn7cUk= =JU67 -----END PGP SIGNATURE-----
On Mon, 29 Mar 2004, Scott Call wrote:
Forgive the not panicing, but none of the exploits utilized by this tool are new, the newest being a year old, most being 2-3 years old, judging by the dates on the cisco pages.
Which brings to mind the question of when will reporters be able to "objectively" report something, and not "attenuate" certain aspects for the benefit of creating a "scoop". I perfectly understand the need to make public the availability of this new cracking tool, but I do not understand why there was no mention of the fact it exploits bugs that are 1.5-3 years old, which would have put matters in the proper perspective, instead of trying to create commotion as if some immediate danger was hanging above our enterprise LANs. *sigh* --Ariel
-S
On Mon, 29 Mar 2004, Henry Linneweh wrote:
Cisco warns of new hacking toolkit http://www.infoworld.com/article/04/03/29/HNhackingtoolkit_1.html
exploit location http://www.blackangels.it/
-Henry
!DSPAM:4068933e94641474817789!
-- Scott Call Router Geek, ATGi, home of$6.95 Prime Rib I make the world a better place, I boycott Wal-Mart VoIP incoming: +1 360-382-1814
+++++++++++++++++++++++++++++++++++++++++++ This Mail Was Scanned By Mail-seCure System at the Tel-Aviv University CC.
-- Ariel Biener e-mail: ariel@post.tau.ac.il PGP(6.5.8) public key http://www.tau.ac.il/~ariel/pgp.html
Ariel Biener wrote:
Which brings to mind the question of when will reporters be able to "objectively" report something, and not "attenuate" certain aspects for the benefit of creating a "scoop".
Not to mention driving traffic to their site which they wouldn't of seen had they mentioned certain key facts. Chris
On Tue, 30 Mar 2004 00:37:29 +0200, Ariel Biener said:
I perfectly understand the need to make public the availability of this new cracking tool, but I do not understand why there was no mention of the fact it exploits bugs that are 1.5-3 years old, which would have put matters in the proper perspective, instead of trying to create commotion as if some immediate danger was hanging above our enterprise LANs.
Compare the potential eyeball count: "Exploit for 3 year old hole available" "Death of Internet Predicted. MPEGs at 11 (10:30 in Newfoundland)".
participants (7)
-
Ariel Biener
-
Bruce Pinsky
-
Chris Brookes
-
Henry Linneweh
-
Martin J. Levy
-
Scott Call
-
Valdis.Kletnieks@vt.edu