Hello, welcome to the Monday, September 19th, 2016 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich and the day I'm recording from Baltimore, Maryland.

Let's start today with a security advisory by Cisco.

Cisco states in advisory that current versions of its iOS software suffer from a memory leakage

vulnerability, reminiscence of heart bleed, an unauthenticated attacker will be able to read

arbitrary memory using Ike version 1 security negotiation requests.

The list of vulnerable version is long and you should assume that your Cisco product is

vulnerable if it runs iOS and accepts Ike version 1 requests.

Cisco picks firewalls version 6 are vulnerable as well.

Version 7 should be okay.

An exploit for this vulnerability was released as part of the recent release of the related

exploits by the Shadowbroker Group.

So Cisco is a bit behind here with this advisory,

unlike for the SNMP issues where Cisco came out with advisories pretty much right away.

Most operating systems these days do provide a feature that allow users to take advantage of admin privileges after they provide a password.

This feature has been important to avoid having to run as an administrator all the time, and it has been integrated into various GUIs, like for example in OS10.

In OS10, if you would like to install software, you're often asked for your password in order

to allow the software to install features that require administrative privileges.

Even if you're not an administrator, you can then

just provide the administrator's username and password. While the user enters the password,

there is a chance that malware that runs with the user's privileges, records the password,

and uses the password later to escalate its own privilege.

...