Well, I won't fight that one. But web-app holes are well understood and are not related to problems found in the IOS. I really don't see how people can confuse them.
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Michael Holstein > Sent: Thursday, August 04, 2005 2:01 PM > To: [email protected] > Subject: Re: [Full-disclosure] taking their revenge @ cisco > > > It have nothing to do with a IOS at all. All the other SQL > injection > > that happen in the world have nothing to do with Cisco IOS > flaws. This > > is a pure case of the search function being open to SQL injection. > > Therefore it is a design/code problem in one of the three web-app > > tiers of the website. > > Yeah .. but I guess their "Self Defending Network" well, um ... > > DIDN'T. > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
