Cisco Tries to Stop Full Disclosure

Cisco has filed a restraining order against Michael Lynn after he went ahead, despite Cisco's threat of legal action, and gave a presentation at the Black Hat convention on a security vulnerability discovered in Cisco’s router operating system (IOS). He discovered this vulnerability while he was employed by ISS.

During this presentation Mr Lynn also mentioned that this flaw in the Cisco IOS could expose the Internet to a crippling attack. The hole has already been fixed by software updates to Cisco routers.

The legal filing was made by both Cisco and Mr Lynn’s former employer, Internet Security Systems (ISS).

Cisco claims that it is only trying to protect its intellectual property by stopping any further revelations about the software flaw. Mr Lynn said he left his job so that he could deliver his presentation to the Black Hat conference of computer security professionals on Wednesday 27 July.

By the way, Cisco claims that it is aware of the flaw and has patched it in recent software updates to its routers. But if this is true, why is it working so hard at filing a lawsuit?

Some additional information has arrived from xort but is yet to be confirmed: Mike’s outstanding research was going to prove that it is possible to spawn a remote connection of an IOS-shell to a foreign host via heap overflows without having the router crash/reload IOS software. It is important that information like this be made public.

The complete presentation can be found at: http://www.jwdt.com/~paysan/lynn-cisco.pdf, http://md.hudora.de/archive/pub/lynn-cisco.pdf or http://cryptome.org/lynn-cisco.zip
