By Robert McMillan
IDG News Service
Cisco's products will again come under scrutiny again at this year's Black
Hat USA 2006 conference, which kicks off later this month in Las Vegas.
Conference organizers say that 15 new exploits will be discussed at this
year's event and that two of them target Network Admission Control and
VoIP vulnerabilities that affect products from a number of vendors,
Security researchers, no longer as focused on digging up bugs in core
Windows components, are looking for green fields, said Black Hat Director
Last year Cisco sued Black Hat conference organizers after security
researcher Michael Lynn demonstrated a method for running unauthorized
code on a Cisco router. It was a difficult technical achievement that had
been considered impossible by some, but Cisco saw it to be a dangerous
disclosure of information that could be used to harm the Internet's
Black Hat and Cisco settled the lawsuit after conference organizers
promised not to disseminate information on Lynn's research. Lynn is not
listed among this year's presenters.
However, it is unlikely that Cisco will be suing the conference this year,
given that neither of the exploits target Cisco specifically. Instead they
relate to underlying technologies that are used by a large number of
products, including Cisco's NAC and VoIP products.
One researcher, Ofir Arkin, the chief technology officer of Insightix,
will be speaking about NAC technologies "and ways to bypass them," he said
in an e-mail interview. Information on Arkin's presentation can be found
A second presentation, given by researchers at 3Com and SecureLogix will
examine the SIP (Session Initiation Protocol) used by VoIP systems. "In
it, we describe and demonstrate many real-world VOIP exploitation
scenarios against SIP-based systems (Cisco, Avaya, Asterisk, etc.)," the
presenters wrote in a description of their talk. This description can be
Researchers will disclose three exploits that take advantage of bugs in
the Linux-based Asterisk PBX telephony software, conference organizers
said. And as previously reported, wireless security researchers David
Maynor and Jon Ellch plan to show a way of running unauthorized software
on a laptop computer by manipulating buggy code in the system's wireless
Products from perennial favorites Microsoft and Oracle will also be
discussed, with three Oracle exploits and four Microsoft exploits being
disclosed, Black Hat said. There will also be discussion of two Linux
exploits and one relating to Xerox's products.
Researchers will also demonstrate 25 new hacking tools at the show, which
will also be noteworthy for its degree of friendly cooperation with
technology vendors. Cisco itself is a platinum sponsor at the show, and
Microsoft employees will be speaking at a track devoted entirely to the
company's upcoming Windows Vista operating system.
Black Hat's Moss credits Lynn with inspiring new research work in the area
of embedded devices, which be one of the hottest areas of research at this
year's conference. By showing how Cisco's routers could be hacked and made
to run unauthorized code just like a PC, Lynn helped change the way
researchers think about many of these devices. "Once he did that, it
really opened people's eyes," Moss said. "The amount of people who are now
beating up on embedded devices has changed. Now the floodgates are
The IDG News Service is a Network World affiliate.
All contents copyright 1995-2006 Network World, Inc.
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.