nanog mailing list archives
Re: NSA able to compromise Cisco, Juniper, Huawei switches
From: Sharif Torpis <faust () grift com>
Date: Mon, 30 Dec 2013 16:46:06 -0700
On 12/30/2013 3:51 PM, Randy Bush wrote:
Clay Kossmeyer here from the Cisco PSIRT.shoveling kitty litter as fast as you can, eh?http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20131229-der-spiegel"The article does not discuss or disclose any Cisco product vulnerabilities." this is disengenuous at best. from the nsa document copied in der spiegel and now many other places: "JETPLOW is a firmware persistence implant for Cisco PIX series and ASA firewalls ..." so in cisco kitty litter lingo, what would be "discuss[ing] or disclos[ing] any Cisco product vulnerabilities? the exploit code itself? randy
What is the vulnerability in Cisco product Randy? That a 3rd party can replace the firmware in your firewall? There isn't enough information to determine if this is a software vulnerability triggered with exploit code or wholesale firmware replacement. The document refers to an implant but not how it gets there. -- "The first rule of any game is to know that you're in one." -Sandy Lerner, co-founder, Cisco Systems
Current thread:
- Re: NSA able to compromise Cisco, Juniper, Huawei switches, (continued)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Jay Ashworth (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches William Waites (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 30)
- RE: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Jeremy Bresley (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Jeremy Bresley (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Clay Kossmeyer (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Sharif Torpis (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Florian Weimer (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Jonathan Greenwood II (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches sthaug (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Paul Ferguson (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Dec 30)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Dobbins, Roland (Dec 31)