AT&T Tech Support 360
- Related Stories
-
More legal threats over Cisco flaws
July 29, 2005 -
Cisco details controversial router flaw
July 29, 2005 -
Cisco hits back at flaw researcher
July 27, 2005
The company said Cisco.com has been compromised and that customers need to change their passwords.
"It has been brought to our attention that there is an issue in a Cisco.com search tool that could expose passwords for registered users," the company warned.
"As a result, to protect our registered Cisco.com users, we're taking the proactive step of resetting Cisco.com passwords. Needless to say, we're investigating the incident, which does not appear to be due to a weakness in our security products and technologies or with our network infrastructure."
The company also stressed on its site that the incident appears unrelated to flaws in Cisco products.
Hackers around the world have been racing to find a vulnerability in Cisco equipment since it was described by security researcher Michael Lynn at the Black Hat conference in Las Vegas last week. Cisco and Lynn's former employer, Internet Security Systems, took legal action against the researcher following the presentation.
Cisco said the vulnerability was brought to the company's attention by a third-party security research organization and that no personal customer information had been compromised.
"We would like to thank them for contacting us so we could take appropriate action to protect our customers, partners and employees," a company representative said. "Cisco Systems is investigating the incident, and will work with outside agencies as appropriate."
Regarding the breach, one industry watcher said: "I think this has the possibility of having a significant impact on corporations and the intellectual property of Cisco."
But others disagree. Michael Maddison, director of enterprise risk services at Deloitte Touche Tohmatsu, said that "it's more likely to be a vulnerability in Web applications than Cisco equipment. That's my opinion--we see vulnerabilities in Web pages all the time."
Dan Ilett of Silicon.com reported from London. CNET News.com's Marguerite Reardon contributed to this report.
See more CNET content tagged:
Cisco Systems Inc.,
incident,
vulnerability,
password,
researcher
version of the IOS software, not current versions. Upgrading the
IOS in routers is not really that hard, although many are
reluctant to change what is already working for them, and thus
the reason for the issues in the first place. The website issues
are just that, website issues. That is pretty easy to see, if you are
a Cisco customer or know Cisco's system.
People are undoubtedly anxious about these issues, but just
because they happen at near times does not justify lumping the
together, unless they were related.