Educause Security Discussion mailing list archives
Re: furor over Cisco IOS router exploit erupts at Black Hat
From: "Parker, Ron" <Ron.Parker () BRAZOSPORT EDU>
Date: Thu, 28 Jul 2005 15:55:30 -0500
I've been following this discussion on the NANOG list (http://www.merit.edu/mail.archives/nanog). They have been bouncing off the walls on this since yesterday. Unfortunately, usable information about this is pretty much nonexistent at this point. Cisco's official announcement on this just says to upgrade to the "latest available versions" and contact your account people: http://www.cisco.com/en/US/about/security/intelligence/MySDN_CiscoIOS.ht ml The problem, of course, is that many of us don't run out and load every new IOS version that comes along unless we need a bug fix or a new/different feature. So, it isn't really clear to me what "latest available version" means. It also isn't clear if only the latest version in a particular release train is the one that is not vulnerable or if you are OK as long as you aren't using a "retired" version. If anyone finds out anything useful, please pass it along. I suspect that Cisco is just trying to control widespread release of the information by asking us to contact them directly. -- Ron Parker, Director of Information Technology, Brazosport College http://www.brazosport.edu
-----Original Message----- From: Scott Genung [mailto:sagenung () ILSTU EDU] Sent: Thursday, July 28, 2005 3:26 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] furor over Cisco IOS router exploit erupts at Black Hat All, I just read this article. Based upon Cisco's reaction, I'm rather concerned about this material that has been shared with the hacker community. I have asked my account manager if Cisco will be releasing to it's customer base what vulnerabilities we need to be aware of to defend our infrastructure. It could be a very interesting fall semester.Date: Thu, 28 Jul 2005 12:18:59 -0500 From: NW Cisco News Alert <CiscoAlert () nwfnews com> Subject: Cisco News Alert Special Issue: Furor over Cisco IOS router exploit erupts at Black Hat _______________________________________________________________ Furor over Cisco IOS router exploit erupts at Black Hat By Ellen Messmer, Network World, 07/28/05 Although Cisco and Internet Security Systems had abruptlycancelled aplanned technical talk and demo at the Black Hat Conferenceto revealhow unpatched Cisco routers can be remotely compromised, theresearcherwho had originally uncovered the problem went ahead with the talk anyway, igniting a spate of lawsuits against himself and theBlack HatConference. Michael Lynn, the research analyst at ISS who was asked toresign afterhis presentation detailing how an attacker can exploit flaws in unpatched Cisco routers to gain total control over them,said he feltcompelled to reveal the information because "I felt I had todo what'sright for the country and the national infrastructure." Cisco and ISS, claiming it was premature to release theresearch, sawit differently and immediately filed a lawsuit aimed atcompelling himnot to discuss the subject further. The Black Hat Conferencewas alsoserved with a lawsuit by the two companies for allowing Lynnto discussthe exploits associated with Cisco routers. Full story: http://www.networkworld.com/news/2005/072805-cisco-black-hat.html?nlScott Genung Manager of Networking Systems Telecommunications and Networking Illinois State University 124 Julian Hall Normal, IL 61790-3500 sagenung () ilstu edu Phone: (309)438-7258 Web: http://www.tel.ilstu.edu
Current thread:
- furor over Cisco IOS router exploit erupts at Black Hat Scott Genung (Jul 28)
- <Possible follow-ups>
- Re: furor over Cisco IOS router exploit erupts at Black Hat Randy Marchany (Jul 28)
- Re: furor over Cisco IOS router exploit erupts at Black Hat Parker, Ron (Jul 28)
- Re: furor over Cisco IOS router exploit erupts at Black Hat Steve Bernard (Jul 28)
- Re: furor over Cisco IOS router exploit erupts at Black Hat Matthew Keller (Jul 29)