Cisco, ISS File For Injunction In Black Hat Vulnerability Flap

The motion, filed in U.S. District Court in San Francisco, seeks a temporary restraining order to stop Michael Lynn, a former ISS employee, from further releasing proprietary information belonging to Cisco and Internet Security Systems. The injunction also names the organizers of the Black Hat conference as defendants.

The filing stems from Lynn&'s Wednesday morning speech at the Black Hat conference. In that talk, Lynn explained how he was able to exploit known vulnerabilities in Cisco&'s IOS software.

Lynn&'s presentation at Black Hat, based on research he conducted as a member of ISS&' X-Force R&D team, was canceled by ISS after the company reached an agreement with Cisco, and copies of Lynn&'s presentation were removed from conference materials.

But Lynn, determined to proceed with the talk, resigned from ISS in order to present the research at Black Hat, according to an ISS spokesperson.

In the motion, Cisco charges that Lynn decompiled Cisco&'s software in his research, a violation of intellectual property and software license rights. ISS further charges that the research Lynn presented was conducted while Lynn was an employee of ISS, thus the research belongs to the company.

“Cisco respects and encourages the work of independent research scientists; however, we follow an industry established disclosure process for communicating to our customers and partners,” the company said in a statement released Wednesday. “It is especially regretful, and indefensible, that the Black Hat Conference organizers have given Mr. Lynn a platform to publicly disseminate the information he illegally obtained.”

Cisco&'s statement added that Lynn&'s presentation was not a disclosure of a new vulnerability or a flaw with Cisco IOS software, but an exploration of “ways to expand exploitations of existing security vulnerabilities impacting routers.”

Attempts to reach Lynn for comment were unsuccessful.