Details of bugs in software controlling Cisco routers that could be exploited by hackers have been posted on the internet despite legal moves by Cisco to stop the information spreading.
Last week Cisco secured a US court injunction against security researcher Michael Lynn to prevent him further revealing code that could aid hackers after a presentation he gave at the Black Hat security conference in Las Vegas recently.
Lynn had resigned his job at Internet Security Systems, where he learned about the vulnerabilities, just hours before his presentation. The company joined Cisco in its legal action against Lynn and Black Hat.
But details of the bugs have been posted on the cryptome.org website, including a series of photographs of Lynn making his presentation, against a backdrop of his slides. In the photographs, some sections of code have been blanked out.
The code can be clearly read on what appears to be an earlier version of the slides - also posted at Cryptome - which are labeled with both Lynn’s name and that of Internet Security Systems. The slides presented by Lynn, after his resignation state, “I am here representing myself. I am no longer an employee of Internet Security Systems (ISS).”
Also posted on Cryptome is a pdf file apparently of a letter from ISS’s lawyers sent to Infowarrior.com demanding that information from the Cisco bug presentation be taken down.
On the morning of Tuesday 2 August, Infowarrior.com pages were blank, but Cryptome carried a note saying: “If the Lynn presentation is pulled from here … send us an e-mail for where to get it. There are at least a dozen places it’s available in and outside the US.”