Releasing a module now that could be used to compromise one's own personal device running an outdated software release feels like a wasted effort at best. Given enough time, I'm sure it would come about, but the bug is patched. Since the initial disclosure, I've worked both with him and independently to find a fruitful memory disclosure, but to no avail. Unfortunately, both he and I left Exodus before the disclosure of the bug, so I can't comment on the decision to release it in such a state. I'm positive that given more time, he would have found an information leak necessary to circumvent that. Jordan's original exploit, which the public has seen, is impressive in itself, though not portable across ASA's due to loss of heap determinism given variances in device configurations. Before explaining why, some disclosures may be in order: while I wasn't on this project with David or Jordan, I actually worked at Exodus Intelligence during the discovery of this vulnerability and the initial exploitation attempts. I feel that this is far from the truth, and this article is a response to such notions. From this discussion, I've gathered that many researchers seem to consider the Cisco ASA as an unruly beast, difficult to approach, even harder to tame. Since then, I've fielded numerous requests for modules and witnessed much discussion generated from it. Back in February, Exodus Intelligence released their blog entry titled "Execute My Packet", which detailed their discovery and exploitation of CVE-2016-1287.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |