Main Menu

Login



Support Virus.Org

Help support Virus.Org by donating.
Donating allows us to keep this site free and pay the running costs of all our services.
Massive Cisco IOS holes exposed at Blackhat PDF Print E-mail
Written by Editor   
Thursday, 28 July 2005 10:39
It is all excitement at Blackhat this year, security researcher Michael Lynn presented a way to take control of an IOS-based router, using buffer overflow or heap overflow vulnerabilities. He demonstrated the attack method using a vulnerability that Cisco fixed in April. While that flaw is patched, Lynn stressed that the attack can be used with any new buffer overflow or heap overflow, adding that running code on a router is a serious threat. At the same time Lynn, a former researcher for Internet Security Systems (ISS) has caused a little stir. Both Cisco and ISS filed on Wednesday a restraining order against the management of the Black Hat Conference and Michael Lynn.

This is after intense discussions between ISS, Michael Lynn, Cisco, and Blackhat conference management failed on Wednesday. Just days before the conference Cisco staff had spent hours ripping out the ten-page presentation from the conference book and ISS pulled the presentation, although allowing researcher Lynn to speak on a different topic.

But just hours before the presentation Lynn resigned from ISS and presented his original presentation at the Blackhat conference. Lynn commented:

"I feel I had to do whats right for the country and the national infrastructure."

and

"It has been confirmed that bad people are working on this. The right thing to do here is to make sure that everyone knows that its vulnerable."

Numerous times during his presentation Lynn commented that he would likely face legal action as a result of his presentation. Both ISS and Cisco condemned the presentation in strong terms that indicated that they may initiate legal action against Lynn. Meanwhile conference organisers denied that they had known of Lynn’s intent to do a last minute presentation switch.

However the fact of the matter, Lynn presented an eight step process for taking a known but unpatched flaw to compromise a Cisco IOS based router and gain total control of the router. Lynn did not disclose and specific vulnerabilities in his presentation, however he said that finding new flaws to exploit using his method would not be hard.

Add this page to your favorite Social Bookmarking websites
Digg! Reddit! Del.icio.us! Google! Live! Facebook! Technorati! StumbleUpon! Yahoo!
Last Updated ( Thursday, 14 September 2006 21:53 )