Cisco's IOS software for versions i think 12.3 and 12.3t sources have been leaked. I have a small part of the souce, only 2 of the source files. Anyone else hear about this? I dont know if posting the source files are a good idea or not on here?
Printable View
Cisco's IOS software for versions i think 12.3 and 12.3t sources have been leaked. I have a small part of the souce, only 2 of the source files. Anyone else hear about this? I dont know if posting the source files are a good idea or not on here?
These the two files you’re referring to?
http://www.securitylab.ru/45221.html
yeah, i didnt know if it was alright to post them or not, someone woulda negged me a billion times for givin the board a bad reputation or something. I havent heard anything from cisco or nothing, no press releases or nothin.
If it is proprietary source code for a CURRENT system, I would say no.
Don't post it, it's just wrong.
Indeed, which makes me wonder how true this leak is. I haven't seen it anywhere (not even on sensational CNN.com) where it would be validated a true (a reliable source like securityfocus.com, incidents.org, heck, even The Toronto Star). I got told in another forum that because CISCO isn't replying it must be true. I have doubts since if it was true and was serious, they would have dealt with it.Quote:
I havent heard anything from cisco or nothing, no press releases or nothin.
Has anyone seen it at a reliable source yet beyond the Russian site (they've published stuff before that was sensational and never hit any other place).
By that logic, JFK really was killed by the CIA, Elvis really is still alive, and Tupac is in the Bahamas.Quote:
I got told in another forum that because CISCO isn't replying it must be true.
EDIT: Slashdot has the story, it may be tue...
Here is a link that sheds a little more light on the situation. http://arstechnica.com/news/posts/1084683212.html
Now with out a significant portion of the code or an official statement from Cisco it will be hard to tell what’s real and what’s BS.
I wonder how many vulnerabilities will see from this if the whole code ends up in circulation?
I looked and couldn't see it. Gotta link?Quote:
Slashdot has the story, it may be tue...
Not really. They are merely commenting on the SecurityLabs claim and aren't adding anything new, other than an opinion of the "what if".Quote:
Here is a link that sheds a little more light on the situation. http://arstechnica.com/news/posts/1084683212.html
http://news.com.com/2100-7349_3-5213724.html
Quote:
An unspecified amount of the proprietary source code that drives Cisco Systems' networking hardware has appeared on the Internet, the technology giant acknowledged early Monday.
While the company was investigating whether a breach had lead to the leak, a representative could not confirm whether that network intruders had made off with the software equivalent of the crown jewels: some 800 megabytes of the networking giant's source code.
Now that is a confirmation and that means ugly and scary possibilities. :(
even IF it's true I think it won't have any effect on anything really because
1) I doubt many people will ever see the full claimed 800 mb of code
2) I expect cisco's code to be secure enough to handle this, looking at the ammount of cisco routers and their importance
3) similar issues in the past also didn't have much effect
4) really important routers will be fixed/replaced in time by good admins
5) I can think up more reasons, but blah
besides that I don't really believe it yet
Even if the full source is out there, I agree with neel on this one. It's Cisco, not MS.
I'm going to see if I can procure a copy of the source. Should be interesting.
Keep in mind it's still copyrighted. No publishing of code here please.Quote:
I'm going to see if I can procure a copy of the source. Should be interesting.
I wouldn't do it.
It's proprietary code for a current system.
I'm a good boy now.
I agree primarily with Neel, but I also agree for a slightly different reason. Even the Microsoft code leak took a while before an exploit resulted. The recent Bitmap image Trojan is a result of that leak- but that isn't very serious thus far.
I expect Cisco code to be potentially more secure than Microsoft code- for one thing IOS has far fewer bells and whistles. The decreased focus and functionality means there is less to be flawed.
On a different note, I can think of a couple reasons why Cisco isn't sounding any alarms (yet) even if this story is true:
a) they may want to go back through their own IOS code first to determine if there are any vulnerabilities to even be concerned with and
b) the attackers in alleged possession of the source code would still have to sift through it all to find vulnerabilities themselves before they could begin to exploit anything.
I think one of the reasons an exploit based on the Microsoft code leak took so long is that malicious exploit developers are primarily a lazy bunch. They like to wait for vulnerability announcements and patch releases so that they have a specific service or part of the program to target and a patch to reverse-engineer to find out exactly how to exploit the vulnerability.
Having the source code does open up the possibility of exploits- but only after someone invests the time and effort into researching the code to find its weaknesses.
Just my $.02