- BlackBerry Storm vs. the iPhone
- Digg's Kevin Rose: "We have to do better"
- Blogger warns: "Nortel doesn't make it out alive"
- Financial quagmire bringing out the scammers
- Verizon plays with the wrong e-mail addresses
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
Cisco has been unable to reproduce a security flaw reported in its PIX firewall appliance earlier this month, the networking company said Tuesday.
The alleged flaw was discovered by Hendrik Scholz, a developer with Freenet Cityline GmbH, who discussed it during Aug. 2 presentation at the Black Hat USA conference in Las Vegas. Freenet is a German VoIP service provider.
Scholz claimed that if someone sent the PIX device a specially crafted SIP message, the firewall would then allow attackers to send traffic to any device on the network. SIP is a protocol used to set up telephone calls and other communication sessions over the Internet.
"We've had engineers both within the business unit and within our PSIRT [product security incident response team] organization looking into this," said John Noh, a Cisco spokesman. "We have not been able to replicate what he claims he has discovered."
Cisco had not ruled out the possibility that a flaw exists and is still testing its security appliances for a possible vulnerability, Noh said. But the company wanted to update customers on what it had found so far, he explained. "This is just a response for the benefit of our customers who might have seen the press coverage."
Scholz could not be reached immediately for comment.
During his Black Hat presentation, the security researcher said that exploiting the flaw was "really easy to do." But in an e-mail interview conducted two weeks ago, Scholtz said that a hacker would first need to know "intimate details" about the network being attacked and have control of a device on the inside in order to pull off the attack.
The problem, as Scholtz described it, had to do with the PIX SIP state engine and parser.
Cisco's comments on Scholtz's findings can be found here.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment