
Thread: Cisco Security Hole a Whopper

  1. #11
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    Would it be safe to put this IOS Patching off until Monday?
    There are many rewarding opportunities awaiting composure from like minds and great ideas. It is my objective to interconnect great things.

  2. #12
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    I was at the presentation, and applaud Mike for what he did.

    He also pointed out that anyone who has kept their systems up to date with patches is not at risk. However Cisco have some stuff in the pipeline that may make the attack vectors for Cisco a little different (i.e. rather than having to recompile a worm for each version of IOS, one worm will work for all).
    Quis custodiet ipsos custodes

  3. #13
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    A Patch was issued in April that fixed the Vulnerability, but they were just going to keep it to themselves that it fixes a major bung hole? Am I understanding this correctly?
    There are many rewarding opportunities awaiting composure from like minds and great ideas. It is my objective to interconnect great things.

  4. #14
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Well, the other issue seems to be that, while this specific vulnerability has been patched, the underlying deficient code development processes may have created vulnerabilities in other portions of the IOS code.

    And as said, other product offerings and changes might be vulnerable.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  5. #15
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171
    Hi zencoder,

    Looks like he buckled under the pressure...

    " Cisco, security researcher settle dispute "

    Michael Lynn, who left his job at Internet Security Systems Inc. hours before his speech, agreed never to repeat the information he gave at the Black Hat conference in Las Vegas on Wednesday.

    He also must return any proprietary Cisco source code in his possession.
    http://www.sanluisobispo.com/mld/san...s/12248404.htm
    AP Wire | 07/28/2005 | Cisco, security researcher settle dispute

    as you said...
    That flaw was patched in April, but it's possible that the same technique could be used to exploit other vulnerabilities in Cisco routers. Lynn said the technique also could lead to the creation of a worm that targets routers, particularly when coupled with an upcoming version of Cisco's operating system.
    Eg

  6. #16
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Well, you could say buckled. I like to think more optimistically and say he chose to agree to their terms, rather than face a lengthy and/or expensive legal proceeding. Besides, it doesn't really matter to him now...he's already made his point and shared the information. He can easily say "I won't repeat it again" with complete satisfaction that his point has been shared and will be repeated by others now.

    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  7. #17
    Junior Member
    Join Date
    Oct 2001
    Posts
    20

    Cisco security hole...

    If anyone has seen and reviewed his (Lynn's) information - what impact does/would this have on the Cisco security products such as the PIX? I can only guess that the underlying IOS is similar in some respects and therefore vulnerable as well.

    Shame, I would have liked to read his report and seen this for myself.

  8. #18
    Senior Member
    Join Date
    Jun 2003
    Posts
    723
    "Shame, I would have liked to read his report and seen this for myself."

    www.cryptome.org will help you
    Do unto others as you would have them do unto you.
    The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America's war on terror, Attorney General John Ashcroft told a Senate oversight committee
    -- true colors revealed, a brown shirt and jackboots

  9. #19
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    Mike did raise the point that for the hole to be used for a worm in the current environment would require a worm to be about 40mb in size...so don't be too concerned just yet. Cisco are looking at using virtual processes which is going to drastically alter this and a generic worm could be developed.

    The hole affects the Cisco IOS in general, so anything using it is at risk.

    And I don't think he buckled, it was either that or be sued by ISS and Cisco.
    Quis custodiet ipsos custodes

  10. #20
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171
    Hi R0n1n,
    And I don't think he buckled, it was either that or be sued by ISS and Cisco.
    Isn't that the very definition of buckling? Folding under pressure? He was under the heat and he took the easy way out....I'm not faulting him for that...no sense fighting a war you can't win...still...he caved under the pressure...under the circumstances it was probably the smart thing to do...but the result is the same.

    Eg
