Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
tptacek
on Aug 17, 2016
|
parent
|
context
|
favorite
| on:
Cisco Adaptive Security Appliance SNMP Remote Code...
No, I'm saying you
can't
do that with this bug; that's what I mean by "not a pivot bug". It's a way of persisting inside access you got some other way. Because, again, people don't listen to SNMP on the outside interface.
throwaway5676
on Aug 17, 2016
[–]
And that is what the parent is saying. The "other way" is through the web server that is exposed to the internet and can reach the internal ASA.
tptacek
on Aug 17, 2016
|
parent
[–]
Reaching "the internal ASA" isn't giving you access the webserver didn't already have, hence, persisting, not pivoting.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
