Possible Cisco zero day exploit revealed at Black Hat

Controversy looms for Cisco once again at Black Hat, as information revealed Wednesday could lead to another significant zero day vulnerability and exploit.

Hendrik Scholz, lead VoIP developer and systems engineer with Freenet Cityline of Germany, saved the best for last during his Black Hat USA 2006 presentation Wednesday on SIP stack fingerprinting and attacks. His final slide appeared to featured limited details on an undisclosed flaw related to Session Initiation Protocol (SIP) in Cisco Systems Inc. PIX series of firewalls and security appliances.

According to Mike Caudill and Jeffrey Lanza, incident managers with Cisco's Product Security Incident Response Team (PSIRT), the networking giant is unsure whether the details describe a vulnerability or a misconfiguration. Possible Cisco zero-day exploit revealed at Black Hat

Linked by shanmuga Friday, 4th August 2006 2:46AM