Cisco's IOS software for versions i think 12.3 and 12.3t sources have been leaked. I have a small part of the souce, only 2 of the source files. Anyone else hear about this? I dont know if posting the source files are a good idea or not on here?
Printable View
Cisco's IOS software for versions i think 12.3 and 12.3t sources have been leaked. I have a small part of the souce, only 2 of the source files. Anyone else hear about this? I dont know if posting the source files are a good idea or not on here?
These the two files you’re referring to?
http://www.securitylab.ru/45221.html
yeah, i didnt know if it was alright to post them or not, someone woulda negged me a billion times for givin the board a bad reputation or something. I havent heard anything from cisco or nothing, no press releases or nothin.
If it is proprietary source code for a CURRENT system, I would say no.
Don't post it, it's just wrong.
Indeed, which makes me wonder how true this leak is. I haven't seen it anywhere (not even on sensational CNN.com) where it would be validated a true (a reliable source like securityfocus.com, incidents.org, heck, even The Toronto Star). I got told in another forum that because CISCO isn't replying it must be true. I have doubts since if it was true and was serious, they would have dealt with it.Quote:
I havent heard anything from cisco or nothing, no press releases or nothin.
Has anyone seen it at a reliable source yet beyond the Russian site (they've published stuff before that was sensational and never hit any other place).
By that logic, JFK really was killed by the CIA, Elvis really is still alive, and Tupac is in the Bahamas.Quote:
I got told in another forum that because CISCO isn't replying it must be true.
EDIT: Slashdot has the story, it may be tue...
Here is a link that sheds a little more light on the situation. http://arstechnica.com/news/posts/1084683212.html
Now with out a significant portion of the code or an official statement from Cisco it will be hard to tell what’s real and what’s BS.
I wonder how many vulnerabilities will see from this if the whole code ends up in circulation?
I looked and couldn't see it. Gotta link?Quote:
Slashdot has the story, it may be tue...
Not really. They are merely commenting on the SecurityLabs claim and aren't adding anything new, other than an opinion of the "what if".Quote:
Here is a link that sheds a little more light on the situation. http://arstechnica.com/news/posts/1084683212.html
http://news.com.com/2100-7349_3-5213724.html
Quote:
An unspecified amount of the proprietary source code that drives Cisco Systems' networking hardware has appeared on the Internet, the technology giant acknowledged early Monday.
While the company was investigating whether a breach had lead to the leak, a representative could not confirm whether that network intruders had made off with the software equivalent of the crown jewels: some 800 megabytes of the networking giant's source code.
Now that is a confirmation and that means ugly and scary possibilities. :(