• On GameSpot: So-called 'Halo killer' gets 23 to life
August 17, 2006 2:04 PM PDT

Cisco: No zero-day at Black Hat

by Joris Evers

There was no new security vulnerability disclosed in Cisco Systems' PIX firewall at Black Hat, the networking giant said this week. It has investigated claims by a security researcher that the firewall was flawed, but could not reproduce the issue.

"(We're) closing the loop on this one...for now," Cisco spokesman John Noh wrote in an e-mail to CNET News.com.

In a presentation at the Black Hat security event in Las Vegas earlier this month, Hendrik Scholz of Germany's Freenet Cityline briefly mentioned a flaw in Cisco software. This apparent flaw had not been patched, he said.

"We've been working with Mr. Scholz ever since his disclosure in order to re-create this vulnerability," Noh wrote. "So far, we have not been able to reproduce issue and therefore cannot confirm his claim."

Cisco will keep testing and updating a security notice on the issue with new information if it becomes available, Noh said.

According to Scholz the PIX firewall in Cisco's PIX 500 Series Security Appliances could be compromised by sending a specially crafted SIP message to the appliance. SIP, or session initiation protocol, is used in VoIP (voice over Internet Protocol) applications.

Cisco did not know of the possible problem before Scholz's Black Hat presentation, the company said.

Cisco's reaction to the disclosure at Black Hat this year is noticeably different than last year when the networking giant drew the ire of many Black Hat and DefCon attendees after it sued a security researcher and conference organizers.

Topics:

Security,

Cisco

Share:
Digg
Del.icio.us
Reddit
Recent posts from News Blog
Nvidia puts NForce chipset development on hold
Opera 10 browser is here
Neil Young Archives Blu-ray: Rip off?
Acronis revises survey results about backup habits
Acronis miscalculates data on users' bad backup habits
Flickr co-founder presses beta button
Comcast, Sony open retail store
Cox to try coaxing the Internet into submission
Related
Zero-day flaw found in Web encryption
Week in review: Data loss disasters
Critical Windows 7 holes fixed in record Patch Tuesday
Pass the tissue? Drive it over here instead
Zero Motorcycles expands into Asian market
CNET News Daily Podcast: Much ado about extended warranties
Black Wii accessories land November 16
Cisco ruffles feathers with new collaboration tools
advertisement

After 5 years, Firefox faces new challenges

Mozilla helped reshape the Web since releasing Firefox 1.0 five years ago. Now it's got a reawakened Microsoft and Google Chrome to reckon with.

There's a map for that: GPS or smartphone?

Almost every handset comes with mapping software these days, but standalone GPS devices are becoming more affordable than ever.

About News Blog

Recent posts on technology, trends, and more.

Add this feed to your online news reader

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET