Saturday, December 14, 2024

Cisco Tries To End Spreading of Vulnerability Info

Share

Michael Lynn, a former employee of Internet Security Systems (ISS) quit his job and exposed a vulnerability on Cisco’s router operating system.

He made a presentation at a conference for hackers. Lawyers for Cisco and ISS have been working hard to put an end to any further spreading of this information.

Cisco Tries To End Spreading of Vulnerability Info Lynn reached a settlement with the two companies. He agreed to erase any research data related to the vulnerability, and will no longer distribute any of the information.

This settlement may be too late, however. The information has already been circulating around the net, and hackers are certainly going to take advantage of the vulnerability. Wired News interviewed Mr. Lynn:

Wired News: Can you tell me how all of this started? You were asked by your employer, ISS, to reverse-engineer the Cisco operating system, weren’t you?

Michael Lynn: I was very specifically told…. It was January 26th and Cisco had just announced a totally different vulnerability than the one I demonstrated. They’d announced a vulnerability for something called “Multiple Crafted IPv6 Packets Cause Router Reload” (as they worded it in their patch message). But that’s a very vague term. It just says, “Hey, something is wrong in IP6 with the router reload” … but it didn’t say you could be in control of it.

“”We are going to take every measure available to protect our customers and the integrity of the Internet – we will be taking any actions that we see necessary,” said a spokesperson for Cisco.

“We are not aware of any active exploitations impacting customer networks. We strongly recommend that customers take the necessary actions to upgrade their software to the latest available versions,” they said.

Lynn has gained a following from all of this. A Paypal account has been set up for his supporters to donate money toward helping him with his legal costs. Any leftover cash will reportedly go to the Electronic Frontier Foundation.

Chris is a staff writer for Murdok. Visit Murdok for the latest ebusiness news.

Table of contents

Read more

Local News