nanog mailing list archives

Re: NSA able to compromise Cisco, Juniper, Huawei switches

From: Randy Bush <randy () psg com>
Date: Mon, 30 Dec 2013 12:51:38 -1000

Clay Kossmeyer here from the Cisco PSIRT.


shoveling kitty litter as fast as you can, eh?

http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20131229-der-spiegel


"The article does not discuss or disclose any Cisco product vulnerabilities."

this is disengenuous at best.  from the nsa document copied in der
spiegel and now many other places:

  "JETPLOW is a firmware persistence implant for Cisco PIX series and
   ASA firewalls ..."

so in cisco kitty litter lingo, what would be "discuss[ing] or
disclos[ing] any Cisco product vulnerabilities?  the exploit code
itself?

randy

Current thread:

Re: NSA able to compromise Cisco, Juniper, Huawei switches, (continued)
- - - Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 30)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 30)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Jay Ashworth (Dec 30)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches William Waites (Dec 30)
  - Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)
- RE: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 30)
  - Re: NSA able to compromise Cisco, Juniper, Huawei switches Jeremy Bresley (Dec 30)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Clay Kossmeyer (Dec 30)
  - Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 30)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Sharif Torpis (Dec 30)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Florian Weimer (Dec 31)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 31)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 31)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Jonathan Greenwood II (Dec 31)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 31)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches sthaug (Dec 31)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Paul Ferguson (Dec 31)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 31)
    - Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 31)

(Thread continues...)