IMPORTANT NOTICE:

* Cisco has determined that Cisco.com password protection has been compromised.
* As a precautionary measure, Cisco has reset your password. To receive your new password, send a blank e-mail, from the account which you entered upon registration, to cco-locksmith@cisco.com. Account details with a new random password will be e-mailed to you.
* Because of a large number of requests, registered Cisco.com users may experience delays in receiving the new passwords.
* This incident does not appear to be due to a weakness in Cisco products or technologies.

http://www.cisco.com/cgi-bin/login

After michael lynn case..? I think every security researcher have been watching Cisco now..

As they say... mess with the bull, you get the horns. I wonder how long their servers will be overloaded.

Looks good on them ! :D

Yes, but remember :

* This incident does not appear to be due to a weakness in Cisco products or technologies.

Whew ! ! At least no one else needs to worry . . . ::ha-sign:

is it just me, or could a spoofed e-mail with a reply-to tag cause alot of problems right about now?? Just a thought...

Well, I'm drunk now, but when I first read this on isc.incidents.org yesterday I thought something similar.

Why would they put up such a notice unless they had some sort of defense against it ??????

Well Noia , it seems others ( not Cisco ) think the same way we do!

From Handlers Diary August 4th 2005 (http://isc.sans.org/diary.php?date=2005-08-04)

Cisco CCO Password Reset Reply-To Spoof Concern
Testing confirmed a spoofed reply-to field in a message to the CCO Locksmith would be accepted.
We notified the Cisco PSIRT team and they are reviewing the spoofed reply-to issue.