[ news_security_news ]
Cisco PIX Could Be Picked Open
David Utter
Staff Writer
2006-08-04
 Insider Reports RSS Feed
The Cisco PIX Firewall has a vulnerability the could be blown open to allow attackers into a corporate network, but details of the flaw were not disclosed by the security researcher who discussed it during a Black Hat session on VoIP security.
Cisco and Black Hat, old friends ever since last year's kerfuffle where Cisco threatened lawsuits against the conference and researcher Michael Lynn for talking about a problem in the Cisco IOS software, were not butting heads this year.
That's surprising considering Cisco's behavior at the last Black Hat conference. The company arranged to have Lynn's presentation notes ripped out of every copy of the conference's printed material on the sessions.
This year, Cisco was much better behaved when Hendrik Scholz, a developer with Freenet Cityline, just happened to bring up a method for bypassing the PIX firewall, Techworld reported.
"You can open up whatever port you want... and access internal servers from the outside," he said "It's really easy to do and we're talking to Cisco about how to get it fixed."
Scholz brought up the issue with the last slide of his presentation. That slide was not included in distributed presentation materials. And Scholz was not about to discuss it any more after his session ended, the report noted:
"If you are interested in details regarding 'the last slide' all I can tell you right now is that Cisco is working to get it fixed," he said via e-mail.
---
Tags: Cisco, Black Hat
Add to  Del.icio.us |  Digg |  Yahoo! My Web |  Furl
Get all the updates in RSS: 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
