nanog mailing list archives
Re: Cisco, haven't we learned anything? (technician reset)
From: Hank Nussbacher <hank () efes iucc ac il>
Date: Thu, 12 Jan 2006 16:16:21 +0200 (IST)
On Thu, 12 Jan 2006, Gadi Evron wrote:
> In this (http://blogs.securiteam.com/wp-admin/post.php?action=edit&post=207) recent Cisco advisory, the company alerts us to a security problem with Cisco MARS (Cisco Security Monitoring Analysis and Response System). The security issue is basically a user account on the system that will give you root when accessed.
...
> Now... if Cisco knowingly put it there, shame on them. If somebody put it there without their knowledge... well, shame on them.
Cisco acquired Protego in Dec 2004 and thereby acquired MARS:
http://www.infoworld.com/article/04/12/20/HNciscoprotego_1.html
Cisco didn't put it in there - they bought the bug for $65M. :-)
> Okay, but how about other vulnerabilities of this type? Are there any more backdoors to other Cisco products? If not, why wouldn't they just come out and say that? "There are NO other such backdoors in our products".
I am sure there are more. The previous one I remember was with their Riverhead purchase:
http://www.cisco.com/en/US/products/products_security_advisory09186a008037d0c5.shtml
and before that was:
http://www.cisco.com/en/US/products/products_security_advisory09186a00802119c8.shtml
but I don't know which company was purchased to introduce that one.

I think Cisco just doesn't check the product closely enough and trusts the R&D coders and doesn't introduce an external security QA to the product being purchased.

-Hank