-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Response: Rootkits on Cisco IOS Devices
http://www.cisco.com/warp/public/707/cisco-
sr-20080516-rootkits.shtml
Revision 1.0
For Public Release 2008 MAY 16 0400 UTC (GMT)
-
------------------------------------------------------------
---------
Cisco Response
==============
This is the Cisco PSIRT response to an issue that will be
disclosed
at the EUSecWest security conference on May 22nd, 2008 by
Mr.
Sebastian Muniz of Core Security Technologies.
The Cisco PSIRT is aware of new, ongoing research on the
topic of
third party malicious code (also known as
"rootkits") running on
Cisco IOS devices. Cisco Systems is currently in the process
of
analyzing the information available to us on the issue. We
will
update this security response as more information becomes
available.
Additional Information
======================
As of the time of this posting, there has been no indication
of the
discovery of a new vulnerability in Cisco IOS. To the best
of our
knowledge, there is no exploit code available and Cisco
Systems has
not received any customer reports of exploitation.
Cisco recommends following industry best-practices to
improve the
security of all network devices. Risks against Cisco IOS
devices can
be mitigated by following the best practices detailed in the
document
titled "Cisco Guide to Harden Cisco IOS Devices",
which is available
at
http://www.cisco.com/en
/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.
shtml.
We greatly appreciate the opportunity to work with
researchers on
security vulnerabilities and welcome the opportunity to
review and
assist in product reports. We would like to thank Mr.
Sebastian Muniz
and Core Security Technologies for working with us towards
the goal
of keeping Cisco networks and the Internet, as a whole,
secure.
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND
DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF
THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE
DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR
UPDATE THIS
DOCUMENT AT ANY TIME.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2008-May-16 | public |
| | | release |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities
in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is
available
on Cisco's worldwide website at
http://www.cisco.com/en/US/produc
ts/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding
Cisco
security notices. All Cisco security advisories are
available at
http://www.cisco.com/go
/psirt
-
------------------------------------------------------------
---------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iD8DBQFILQpW86n/Gc8U/uARAmMIAKCRDT4TPp/WD+yBneGkjZ3ZN6uXzQCf
WHoS
ih6w+gNfGWK3ulX3bYTn71Q=
=jMNF
-----END PGP SIGNATURE-----
_______________________________________________
cust-security-announce mailing list
cust-security-announce cisco.com
To unsubscribe, send the command "unsubscribe" in
the subject of your message to
cust-security-announce-leavecisco.com
|
