Cisco hack details posted on web


Cisco hack details posted on web

Tash Shifrin

Details of bugs in software controlling Cisco routers that could be exploited by hackers have been posted on the internet despite legal moves by Cisco to stop the information spreading.

Last week Cisco secured a US court injunction against security researcher Michael Lynn to prevent him further revealing code that could aid hackers after a presentation he gave at the Black Hat security conference in Las Vegas recently.

Lynn had resigned his job at Internet Security Systems, where he learned about the vulnerabilities, just hours before his presentation. The company joined Cisco in its legal action against Lynn and Black Hat.

But details of the bugs have been posted on the website, including a series of photographs of Lynn making his presentation, against a backdrop of his slides. In the photographs, some sections of code have been blanked out.

The code can be clearly read on what appears to be an earlier version of the slides - also posted at Cryptome - which are labeled with both Lynn’s name and that of Internet Security Systems. The slides presented by Lynn, after his resignation state, “I am here representing myself. I am no longer an employee of Internet Security Systems (ISS).”

Also posted on Cryptome is a pdf file apparently of a letter from ISS’s lawyers sent to demanding that information from the Cisco bug presentation be taken down.

On the morning of Tuesday 2 August, pages were blank, but Cryptome carried a note saying: “If the Lynn presentation is pulled from here … send us an e-mail for where to get it. There are at least a dozen places it’s available in and outside the US.”

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy