RE: CCO Password Reset

From: Church, Chuck (cchurch@netcogov.com)
Date: Thu Aug 04 2005 - 09:00:49 GMT-3

• Next message: slammer@broadpark.no: "What would you do...regarding the new lab format"
• Previous message: Lee: "Re: CCO Password Reset"
• Maybe in reply to: Neo Shi: "CCO Password Reset"
• Next in thread: Tony Schaffran: "RE: CCO Password Reset"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I don't think we're getting the full story here. They claim they found
an issue that could expose passwords, but then they say they're
investigating the "incident". Finding a vulnerability and fixing it
isn't really an "incident". Looking through logs and finding that it's
actually been exploited is an "incident". If it was just a possibility
of password theft, I think they would have fixed the vulnerability, and
then sent out an email asking people to change their password, or maybe
forcing them to change after the next successful login. The knee-jerk
reaction of resetting everyone's in the middle of the night indicates
something happened. Also, they don't indicate that the vulnerability
has actually been fixed. So now my new password can be obtained through
the search engine???

Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation Team
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 864-266-3978
cchurch@netcogov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Neo Shi
Sent: Thursday, August 04, 2005 1:05 AM
To: ccielab@groupstudy.com
Subject: CCO Password Reset

Hi list:
 Bad News:

The company said Cisco.com <http://Cisco.com> has been compromised and
that
customers need to change their passwords.

"It has been brought to our attention that there is an issue in a
Cisco.com<http://Cisco.com>search tool that could expose passwords for
registered users," the company
warned.

"As a result, to protect our registered Cisco.com <http://Cisco.com>
users,
we're taking the proactive step of resetting Cisco.com
<http://Cisco.com>passwords. Needless to say, we're investigating the
incident, which does not
appear to be due to a weakness in our security products and technologies
or
with our network infrastructure."

The company also stressed on its site that the incident appears
unrelated to
flaws in Cisco products.

• Next message: slammer@broadpark.no: "What would you do...regarding the new lab format"
• Previous message: Lee: "Re: CCO Password Reset"
• Maybe in reply to: Neo Shi: "CCO Password Reset"
• Next in thread: Tony Schaffran: "RE: CCO Password Reset"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:18 GMT-3