Results 1 to 7 of 7

Thread: Cisco.com compromised

  1. August 3rd, 2005, 08:30 PM #1
    sweet_angel
    sweet_angel is offline
    Senior Member
    Join Date
    Aug 2002
    Posts
    508

    Cisco.com compromised




    IMPORTANT NOTICE:

    * Cisco has determined that Cisco.com password protection has been compromised.
    * As a precautionary measure, Cisco has reset your password. To receive your new password, send a blank e-mail, from the account which you entered upon registration, to cco-locksmith@cisco.com. Account details with a new random password will be e-mailed to you.
    * Because of a large number of requests, registered Cisco.com users may experience delays in receiving the new passwords.
    * This incident does not appear to be due to a weakness in Cisco products or technologies.
    http://www.cisco.com/cgi-bin/login

    After michael lynn case..? I think every security researcher have been watching Cisco now..
    Not an image or image does not exist!
    Not an image or image does not exist!
    Reply With Quote Reply With Quote
  2. August 3rd, 2005, 10:29 PM #2
    stevel
    stevel is offline
    Member
    Join Date
    Feb 2005
    Posts
    45
    As they say... mess with the bull, you get the horns. I wonder how long their servers will be overloaded.
    Reply With Quote Reply With Quote
  3. August 4th, 2005, 01:07 AM #3
    Egaladeist
    Egaladeist is offline
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171
    Looks good on them !
    Reply With Quote Reply With Quote
  4. August 4th, 2005, 01:22 AM #4
    hesperus
    hesperus is offline
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    Yes, but remember :

    * This incident does not appear to be due to a weakness in Cisco products or technologies.
    Whew ! ! At least no one else needs to worry . . .
    .
    Reply With Quote Reply With Quote
  5. August 4th, 2005, 07:52 AM #5
    Noia
    Noia is offline
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    is it just me, or could a spoofed e-mail with a reply-to tag cause alot of problems right about now?? Just a thought...
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.
    Reply With Quote Reply With Quote
  6. August 4th, 2005, 11:09 AM #6
    IKnowNot
    IKnowNot is offline
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Well, I'm drunk now, but when I first read this on isc.incidents.org yesterday I thought something similar.

    Why would they put up such a notice unless they had some sort of defense against it ??????
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
    Reply With Quote Reply With Quote
  7. August 5th, 2005, 08:37 PM #7
    IKnowNot
    IKnowNot is offline
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Well Noia , it seems others ( not Cisco ) think the same way we do!

    From Handlers Diary August 4th 2005

    Cisco CCO Password Reset Reply-To Spoof Concern
    Testing confirmed a spoofed reply-to field in a message to the CCO Locksmith would be accepted.
    We notified the Cisco PSIRT team and they are reviewing the spoofed reply-to issue.
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules