Title: Cisco removes its seventh eavesdropping "backdoor" of the year after it is exposed
九峰
Posted 2019-5-29 08:01 AM

Cisco removed its seventh backdoor account this year   
    Cisco, the world's leading provider of top networking equipment and enterprise software, has released today 15 security updates, including a fix for an issue that can be described as a backdoor account.

    This latest patch marks the seventh time this year that Cisco has removed a backdoor account from one of its products; all seven, including today's, are listed below:


    • March - CVE-2018-0141 - Cisco Prime Collaboration Provisioning
    • March - CVE-2018-0150 - Cisco IOS XE operating system
    • May - CVE-2018-0222 - Cisco Digital Network Architecture
    • June - CVE-2018-0329 - Cisco Wide Area Application Services
    • July - CVE-2018-0375 - Cisco Policy Suite Cluster Manager
    • September - CVE-2018-15427 - Cisco Video Surveillance Manager
    • November - CVE-2018-15439 - Cisco Small Business Switches


    In the majority of the cases above, the backdoor accounts were nothing more than debugging profiles that have been left inside Cisco software/firmware after factory testing or debugging operations.

    Five of the seven backdoor accounts were discovered by Cisco's internal testers, with only CVE-2018-0329 and this month's CVE-2018-15439 being found by external security researchers.

    The company has been intentionally and regularly combing the source code of all of its software since December 2015, when it started a massive internal audit.

    Cisco started that process after security researchers found what looked to be an intentional backdoor in the source code of ScreenOS, the operating system of Juniper, one of Cisco's rivals. The Juniper ScreenOS backdoor allowed remote attackers to decrypt VPN traffic passing through Juniper devices running certain versions of ScreenOS.

    Juniper suffered a massive reputational damage following the 2015 revelation, and this may secretly be the reason why Cisco has avoided using the term "backdoor account" all year for the seven "backdoor account" issues. Instead, Cisco opted for more complex wordings such as "undocumented, static user credentials for the default administrative account," or "the affected software enables a privileged user account without notifying administrators of the system."




    It is true that using such phrasings might make Cisco look disingenuous, but let's not forget that Cisco has been ferreting out these backdoor accounts mainly on its own, and has been trying to fix them without scaring customers or impacting its own stock price along the way.

    Side note: Today's latest batch of Cisco security fixes also included patches for two other issues, both of which received a 9.8 severity rating on a scale from 1 to 10. The first was a now-classic Java serialization issue that leads to root-level remote code execution in Cisco Unity Express products, while the second was an authentication bypass due to an insecure configuration of Cisco Stealthwatch Management Console systems. ...
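The article describes most of these "backdoor accounts" as debugging or factory-test profiles left behind in shipped firmware. The check a practitioner would want is an audit of an unpacked firmware image for any account that can still authenticate and is not on the vendor's documented list. The script below is an added example, not Cisco's code or anything from the article: it parses the `/etc/passwd` and `/etc/shadow` text of an extracted root filesystem (the sample data is constructed), handles the old firmware habit of storing the hash directly in `passwd`, treats `!`/`*` hashes as locked and an empty hash as a password-less login, and reports every login-capable account that is undocumented, runs as uid 0 under a name other than `root`, or has no password. The `documented` allowlist is an assumption the auditor supplies from the product's own documentation.

```python
"""Audit an unpacked firmware rootfs for undocumented login-capable accounts.

Added example (not the vendor's code). Sample passwd/shadow content below is
constructed for illustration; the 'documented' allowlist is an assumed input
taken from the product documentation.
"""
from dataclasses import dataclass

LOCKED_PREFIXES = ("!", "*")          # hash field values that disable login
NOLOGIN_SHELLS = {"/bin/false", "/sbin/nologin", "/usr/sbin/nologin"}


@dataclass
class Account:
    name: str
    uid: int
    shell: str
    # "x" = deferred to shadow (no entry yet), "" = no password,
    # "!"/"*" prefix = locked, anything else = a real hash
    hash_field: str


def parse_passwd(text: str) -> dict:
    """Parse /etc/passwd; old images often keep the hash here, not in shadow."""
    accounts = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 7:
            continue  # malformed line: ignore rather than crash the audit
        name, pw, uid, _gid, _gecos, _home, shell = fields[:7]
        accounts[name] = Account(name, int(uid), shell, pw)
    return accounts


def merge_shadow(accounts: dict, text: str) -> dict:
    """Overlay /etc/shadow hash fields onto the parsed passwd accounts."""
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2 and fields[0] in accounts:
            accounts[fields[0]].hash_field = fields[1]
    return accounts


def can_login(acct: Account) -> bool:
    """True if the password field permits authentication at all."""
    h = acct.hash_field
    if h == "x":                       # 'x' with no shadow entry: login fails
        return False
    if h.startswith(LOCKED_PREFIXES):  # '!' or '*': account locked
        return False
    return True                        # empty (password-less) or a real hash


def audit(passwd_text: str, shadow_text: str, documented: set) -> list:
    """Return findings for accounts that can log in and look undocumented,
    privileged under a non-root name, or password-less."""
    accounts = merge_shadow(parse_passwd(passwd_text), shadow_text)
    findings = []
    for a in sorted(accounts.values(), key=lambda x: x.name):
        if not can_login(a):
            continue
        # a nologin shell blocks interactive use, but uid 0 is still worth a look
        if a.uid != 0 and a.shell in NOLOGIN_SHELLS:
            continue
        reasons = []
        if a.name not in documented:
            reasons.append("undocumented account")
        if a.uid == 0 and a.name != "root":
            reasons.append("uid 0")
        if a.hash_field == "":
            reasons.append("empty password")
        if reasons:
            findings.append({"name": a.name, "uid": a.uid,
                             "reason": ", ".join(reasons)})
    return findings


# Constructed sample rootfs content: one documented admin, one leftover
# factory-test account with uid 0, and one guest with no password at all.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
admin:x:1000:1000:Administrator:/home/admin:/bin/sh
svctest:x:0:0:factory test:/:/bin/sh
guest:x:1001:1001::/:/bin/sh
"""
SAMPLE_SHADOW = """\
root:$6$saltsalt$notarealhash:17000:0:99999:7:::
daemon:*:17000:0:99999:7:::
admin:$6$salt2$alsonotreal:17000:0:99999:7:::
svctest:$1$dbg$leftoverhash:17000:0:99999:7:::
guest::17000:0:99999:7:::
"""
DOCUMENTED = {"root", "admin"}  # assumed allowlist from product docs

if __name__ == "__main__":
    for f in audit(SAMPLE_PASSWD, SAMPLE_SHADOW, DOCUMENTED):
        print(f"{f['name']} (uid {f['uid']}): {f['reason']}")
```

Run against a real image, feed it the `etc/passwd` and `etc/shadow` files from the extracted filesystem; anything reported with "uid 0" or "empty password" that is absent from the product documentation is exactly the kind of "undocumented, static user credentials" the advisories describe.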

