NSA able to compromise Cisco, Juniper, Huawei switches

Sharif Torpis faust at grift.com
Mon Dec 30 23:46:06 UTC 2013

On 12/30/2013 3:51 PM, Randy Bush wrote:
>> Clay Kossmeyer here from the Cisco PSIRT.
> shoveling kitty litter as fast as you can, eh?
>> http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20131229-der-spiegel
> "The article does not discuss or disclose any Cisco product vulnerabilities."
> this is disingenuous at best.  from the nsa document copied in der
> spiegel and now many other places:
>    "JETPLOW is a firmware persistence implant for Cisco PIX series and
>     ASA firewalls ..."
> so in cisco kitty litter lingo, what would be "discuss[ing] or
> disclos[ing] any Cisco product vulnerabilities"?  the exploit code
> itself?
> randy

What is the vulnerability in the Cisco product, Randy?
That a 3rd party can replace the firmware in your firewall?
There isn't enough information to determine if this is a software
vulnerability triggered with exploit code or wholesale firmware
replacement. The document refers to an implant but not how it gets there.

"The first rule of any game is to know that you're in one."
-Sandy Lerner, co-founder, Cisco Systems

More information about the NANOG mailing list