NSA able to compromise Cisco, Juniper, Huawei switches

Sharif Torpis faust at grift.com
Mon Dec 30 23:46:06 UTC 2013


On 12/30/2013 3:51 PM, Randy Bush wrote:
>> Clay Kossmeyer here from the Cisco PSIRT.
>
> shoveling kitty litter as fast as you can, eh?
>
>> http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20131229-der-spiegel
>
> "The article does not discuss or disclose any Cisco product vulnerabilities."
>
> this is disingenuous at best.  from the nsa document copied in der
> spiegel and now many other places:
>
>    "JETPLOW is a firmware persistence implant for Cisco PIX series and
>     ASA firewalls ..."
>
> so in cisco kitty litter lingo, what would be "discuss[ing] or
> disclos[ing] any Cisco product vulnerabilities"?  the exploit code
> itself?
>
> randy
>

What is the vulnerability in Cisco product, Randy?
That a 3rd party can replace the firmware in your firewall?
There isn't enough information to determine if this is a software
vulnerability triggered with exploit code or wholesale firmware
replacement. The document refers to an implant but not how it gets there.

-- 
"The first rule of any game is to know that you're in one."
-Sandy Lerner, co-founder, Cisco Systems