NSA able to compromise Cisco, Juniper, Huawei switches

Randy Bush randy at psg.com
Mon Dec 30 22:51:38 UTC 2013


> Clay Kossmeyer here from the Cisco PSIRT.

shoveling kitty litter as fast as you can, eh?

> http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20131229-der-spiegel

"The article does not discuss or disclose any Cisco product vulnerabilities."

this is disengenuous at best.  from the nsa document copied in der
spiegel and now many other places:

  "JETPLOW is a firmware persistence implant for Cisco PIX series and
   ASA firewalls ..."

so in cisco kitty litter lingo, what would be "discuss[ing] or
disclos[ing] any Cisco product vulnerabilities?  the exploit code
itself?

randy



More information about the NANOG mailing list