Thursday, July 28, 2005

Cisco router worms?

The networking giant and Internet Security Systems jointly filed a request Wednesday for a temporary restraining order against Michael Lynn and the organizers of the Black Hat security conference. The motion came after Lynn showed in a presentation how attackers could take over Cisco routers--a problem that he said could bring the Internet to its knees.
The legal moves came Wednesday afternoon, only hours after Lynn gave the talk at the Black Hat security conference here. Lynn told the audience that he had quit his job as a researcher at ISS to deliver the presentation, after ISS had decided to pull the session. Notes on the vulnerability and the talk, "The Holy Grail: Cisco IOS Shellcode and Remote Execution," were removed from the conference proceedings, leaving a gap in the thick book.
Lynn outlined how to run attack code on Cisco's Internetwork Operating System by exploiting a known security flaw in IOS. The software runs on Cisco routers, which make up the infrastructure of the Internet. A widespread attack could badly hurt the Internet, he said.
The actual flaw he exploited for his attack was reported to Cisco and has been fixed in recent releases of IOS, experts attending Black Hat said.
Following his presentation, Lynn displayed his resume to the audience and announced he was looking for a job. Lynn was not available for comment. Representatives of the Black Hat organization said the researcher was meeting with lawyers.
Update, update and update that's still the old story, because if you update you will not get this sort of attack but of course you're maybe more vulnerable to another one .... pffff It's getting boring isn't it?