ISS Allegedly Hiding Cisco Bugs

["Fergie" <fergdawg () netzero net>]

Via Wired News.

[snip]

The computer security researcher who revealed a serious vulnerability in the operating system for Cisco Systems routers 
this year says he discovered 15 additional flaws in the software that have gone unreported until now, one of which is 
more serious than the bug he made public last summer.

Mike Lynn, a former security researcher with Internet Security Systems, or ISS, said three of the flaws can give an 
attacker remote control of Cisco's routing and gateway hardware, essentially allowing an intruder to run malicious code 
on the hardware. The most serious of the three would affect nearly every configuration of a Cisco router, he said.

[snip]

http://www.wired.com/news/technology/0,1282,69762,00.html

Of course, Mike is at Juniper Networks now, so in the spirit
of full disclosure, etc.  ;-)

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.