I can call spirits from the vasty deep.
Why, so can I, or so can any man;
But will they come when you do call for them?
William Shakespeare, Henry IV , Part 1
Why did we choose such an epigraph ? Because even though dozens of advisories about buffer overflow vulnerabilities in Cisco IOS have been published, we have never actually seen a working shellcode or a complete remote code execution exploit for Cisco routers with the current branch of IOSthat is, IOS 12.312.4. In this chapter, we will explore why it is difficult to launch buffer overflow attacks against this OS and try to foresee whether such exploits may surface or whether the closed laboratories and the hacking underground may already possess them.