Cisco.com compromised
Results 1 to 7 of 7

Thread: Cisco.com compromised

  1. #1
    Senior Member
    Join Date
    Aug 2002
    Posts
    508

    Cisco.com compromised




    IMPORTANT NOTICE:

    * Cisco has determined that Cisco.com password protection has been compromised.
    * As a precautionary measure, Cisco has reset your password. To receive your new password, send a blank e-mail, from the account which you entered upon registration, to cco-locksmith@cisco.com. Account details with a new random password will be e-mailed to you.
    * Because of a large number of requests, registered Cisco.com users may experience delays in receiving the new passwords.
    * This incident does not appear to be due to a weakness in Cisco products or technologies.
    http://www.cisco.com/cgi-bin/login

    After michael lynn case..? I think every security researcher have been watching Cisco now..
    Not an image or image does not exist!
    Not an image or image does not exist!

  2. #2
    Member
    Join Date
    Feb 2005
    Posts
    45
    As they say... mess with the bull, you get the horns. I wonder how long their servers will be overloaded.

  3. #3
    T̙͓̞̣̯ͦͭͅͅȂͧͭͧ̏̈͏̖̖Z̿ ͆̎̄
    Join Date
    Dec 2004
    Posts
    3,171
    Looks good on them !

  4. #4
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    Yes, but remember :

    * This incident does not appear to be due to a weakness in Cisco products or technologies.
    Whew ! ! At least no one else needs to worry . . .
    .

  5. #5
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    is it just me, or could a spoofed e-mail with a reply-to tag cause alot of problems right about now?? Just a thought...
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.

  6. #6
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Well, I'm drunk now, but when I first read this on isc.incidents.org yesterday I thought something similar.

    Why would they put up such a notice unless they had some sort of defense against it ??????
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  7. #7
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Well Noia , it seems others ( not Cisco ) think the same way we do!

    From Handlers Diary August 4th 2005

    Cisco CCO Password Reset Reply-To Spoof Concern
    Testing confirmed a spoofed reply-to field in a message to the CCO Locksmith would be accepted.
    We notified the Cisco PSIRT team and they are reviewing the spoofed reply-to issue.
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •