On Friday, the Web site Cryptome.org posted what appear to be slides written to accompany a presentation given by former Internet Security Systems Inc. (ISS) researcher Michael Lynn, at the Black Hat conference in Las Vegas.
The slides had been published in conference materials for the show, but after a last-minute decision by ISS to cancel the presentation, they were literally ripped from the Black Hat books.
ISS had planned to replace the Wednesday presentation, entitled "The Holy Grail: Cisco IOS Shellcode and Remote Execution," with a different one, but Lynn, formerly a research analyst at ISS, quit his job and gave the Cisco presentation anyway.
In it, he described a now-patched flaw in the Internetwork Operating System (IOS) software used to power Cisco's routers, and demonstrated a buffer-overflow attack in which he took control of a router.
Although Cisco was informed of the flaw by ISS, and patched its firmware in April, users running older versions of the company's software are at risk, he
Black Hat and Lynn were then sued by Cisco and ISS in an attempt to prevent the details of Lynn's talk from being circulated.
"The source was not Michael Lynn, or did not use that name," he said via e-mail.
A Cisco spokesman said his company is not planning any further legal action relating to Lynn's talk.
"With the capabilities of the Internet, it becomes a futile effort," he ...
By suing Lynn and Black Hat, Cisco ended up drawing much more attention to the flaw than it would have otherwise received, according to Richard Forno, the independent security consultant who maintains the Infowarrior.com Web site.