ISC StormCast for Tuesday, July 30th 2019
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 30 July 2019
⏱️ 7 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Tuesday, July 30th, 2019 edition of the Sandsenet Storm Center's Stormcast. My name is Johannes Ulrich. |
| 0:09.3 | And then I'm recording from Boston, Massachusetts. Security Company Armis released a report |
| 0:17.4 | with details regarding 11 vulnerabilities in the VXVWorkx IP stack. Of course, I have to spend a |
| 0:25.3 | little bit time on these vulnerabilities here today, in particular, and of course, TCP IP, |
| 0:30.5 | sort of one of my favorite topics teaching again this week here in Boston, our intrusion |
| 0:36.0 | detection in depth class. And actually, these vulnerabilities are hitting on some of the points that we are covering in the class. |
| 0:43.3 | VXWorks is a real-time operating system, so it's very popular with devices industrial control systems and such, |
| 0:51.3 | where timing is important. Unlike Linux,XVWorks is a closed-source |
| 0:58.5 | operating system, so it is something that vendors that want to use this operating system |
| 1:04.2 | actually have to pay money for. Now, it comes with a TCPIP stack that's also known as IPNet. |
| 1:11.8 | It's actually unlike in most other operating systems, a somewhat optional component, but |
| 1:17.5 | of course not sure how many devices running VXVWorks can really do without IPNet. |
| 1:24.0 | The flaws being discovered here by Armis, first of all, have been patched as of about last week, |
| 1:31.6 | but they fall into a couple of different categories. |
| 1:34.7 | For example, there are some issues that are dealing with the parsing and handling of IPV4 options. |
| 1:40.9 | Just earlier, I told students in class that IPV4 options is something you |
| 1:45.0 | really shouldn't see anymore in modern networks. IPB4 options pretty much are being |
| 1:52.0 | blocked by some routers or at least ignored. But nevertheless, in this case it's the |
| 1:58.0 | record route option that's causing issues. Record route can be used in order |
| 2:03.3 | to discover routers along the path of a packet. It will essentially instruct routers to add |
| 2:09.6 | their IP address to the packet as part of the IP options. And in this case, well, a parsing error will actually lead to a buffer |
| 2:20.1 | overflow and can even be leveraged for remote code execution. Similarly, there are also issues |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.