The worst-case scenario is that some evil-doer could use the source code to create an image of the PIX software that provides a back door for him or others to magically circumvent the firewall. But for that scenario to work, the bad guys would have to convince their target to install that software image onto a firewall. And targets worth an attack of that sophistication, one requiring such a high level of both "social engineering" and significant resources to back it, aren't very numerous.

Alternatively, someone with deep programming knowledge could identify ways to attack existing routers by creating buffer overflows in the software with external input for a denial-of-service attack. Or they could find a way to pull off some sort of "man in the middle" attack against a VPN session based on gaps in how PIX handles session authentication.

But if hackers wanted to spend $24,000 to figure out how to take out a PIX firewall, they'd probably be better off spending it on a Cisco PIX firewall of their own, or maybe some Cisco network engineer training. That's because most of the vulnerabilities in firewalls are the result of misconfiguration, and the best way to learn about those vulnerabilities is by learning how to run a firewall correctly.

In fact, these are both vulnerabilities that Cisco has found in the past in the PIX software, two years ago, in earlier versions of the software. Odds are that Cisco has filled in most of these holes, at least the ones that are obvious from just looking at the source code.