possible exploit.. (Cisco Issue)

This was posted a while ago.


I haven't had the chance to test it in a controlled environment yet.

It seems to work.

It appears Cisco has seen the posting too. The Cisco PSIRT updated their announcement to 1.4 at 5am this morning. The sentence in the "Exploitation and Public Announcments" section is new and states that they are aware that the exploitation "has been publised on a public mailing list".
The link is the same, but the version number has changed:

Len Rose wrote:

Wouldn't it be nice if they would CVS-web this thing so I can just see the
lines that they have changed on each revision. :slight_smile:

...off to read 1.5


The changes are all detailed at the bottom of the advisory.

*raising hand* guilty of not reading past "Distribution" after version

Someone else pointed that out off list.