Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cisco Faces Security Flap

A security researcher has crossed by revealing, at a conference this week, the existence of a major IOS security hole.

Wired News reported yesterday that existance of the flaw was disclosed yesterday by
former researcher Michael Lynn at the Black Hat Briefings conference in Las Vegas.

Cisco and ISS originally had approved Lynn's talk, but Cisco reportedly made an about-face earlier this week, insisting the talk be delayed. Lynn claimed ISS and Cisco had threatened him with a lawsuit if he didn't cancel the talk. He gave the talk anyway, quitting his job beforehand.

While he didn't disclose how to exploit the flaw, Lynn reportedly demonstrated that it could be used to gain unauthorized control over a router. ISS had discovered the flaw in its work with Cisco.

Cisco officials say the bug has been patched, and the buggy version of IOS is no longer available for download.

  • 1