Create an Account
username: password:
 
  MemeStreams Logo

A Cisco zero-day at Black Hat? | News.blog | CNET News.com

search

Rattle
Picture of Rattle
Rattle's Pics
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Rattle's topics
Arts
  Literature
   Sci-Fi/Fantasy Literature
  Movies
  Music
Business
  Tech Industry
  Telecom Industry
Games
Health and Wellness
Holidays
Miscellaneous
  Humor
  MemeStreams
   Using MemeStreams
Current Events
  War on Terrorism
  Elections
Recreation
  Travel
Local Information
  SF Bay Area
   SF Bay Area News
Science
  Biology
  History
  Nano Tech
  Physics
  Space
Society
  Economics
  Futurism
  International Relations
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
    Surveillance
   Intellectual Property
  Media
   Blogging
  Military
  Security
Sports
Technology
  Biotechnology
  Computers
   Computer Security
    Cryptography
   Cyber-Culture
   PC Hardware
   Computer Networking
   Macintosh
   Linux
   Software Development
    Open Source Development
    Perl Programming
    PHP Programming
   Spam
   Web Design
  Military Technology
  High Tech Developments

support us

Get MemeStreams Stuff!


 
A Cisco zero-day at Black Hat? | News.blog | CNET News.com
Topic: Computer Security 5:38 am EDT, Aug  5, 2006

Last year, Cisco Systems sued a security researcher and organizers of the Black Hat event after a presentation on switch and router security. This year, Cisco is quietly investigating a possible flaw that was mentioned during a talk on VoIP.

In a presentation Wednesday at Black Hat in Las Vegas, Hendrik Scholz of Germany's Freenet Cityline briefly mentioned a flaw in Cisco software, Black Hat organizers said. This flaw had apparently not been patched. Scholz and Black Hat are now keeping quiet on the issue to give Cisco time to investigate and respond.

"We are looking into it," said John Noh, a Cisco spokesman. "We have to look at the validity of it. We take these things very seriously. And if we need to inform our customers, we will."

It is unclear exactly what Cisco application the alleged flaw is in, but it appears to be related to voice over Internet Protocol applications since Scholz's talk was on "SIP Stack Fingerprinting and Stack Difference Attacks." Most of Cisco's current products don't yet offer extensive SIP, or Session Initiation Protocol, support.

This year, Cisco is playing nice. The company is one of the main Black Hat sponsors and Chief Security Officer John Stewart is in attendance. Cisco on Wednesday also threw a party for Black Hat attendees at Pure, the night club at Caesars Palace. One of the attendees spotted at the party: Michael Lynn.

Looks like Cisco learned a lesson after all.

A Cisco zero-day at Black Hat? | News.blog | CNET News.com



 
 
Powered By Industrial Memetics
RSS2.0