[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-disclosure] taking their revenge @ cisco

To: "Michael Holstein" <michael.holstein@xxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: RE: [Full-disclosure] taking their revenge @ cisco
From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
Date: Thu, 4 Aug 2005 14:26:45 -0500

Well, I won't fight that one. But web-app holes are well understood and
are not related to problems found in the IOS. I really don't see how
people can confuse them.


> -----Original Message-----
> From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx 
> [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf 
> Of Michael Holstein
> Sent: Thursday, August 04, 2005 2:01 PM
> To: full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: Re: [Full-disclosure] taking their revenge @ cisco
> 
> > It have nothing to do with a IOS at all. All the other SQL 
> injection 
> > that happen in the world have nothing to do with Cisco IOS 
> flaws. This 
> > is a pure case of the search function being open to SQL injection.
> > Therefore it is a design/code problem in one of the three web-app 
> > tiers of the website.
> 
> Yeah .. but I guess their "Self Defending Network" well, um ...
> 
> DIDN'T.
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] taking their revenge @ cisco
Next by Date: [Full-disclosure] Another Windows XP WGA bypass
Previous by thread: [Full-disclosure] Cisco Self Defending Network
Next by thread: [Full-disclosure] Cisco CCO hacked
Index(es):
- Date
- Thread