The leak can be traced back to researcher Michael Lynn, who investigated the software in the course of his employment with Atlanta-based Internet Security Systems (ISS), and then went public with his findings at a Black Hat conference in Las Vegas on Wednesday.
The presentation had originally received the backing of ISS, but by Wednesday the firm had removed its support, and Lynn resigned from the firm in order to give the talk.
According to reports, the presentation, which has been well received in the internet community, not only discussed a known flaw in the software, but also described various ways of expanding the exploitation of the vulnerability – information that, since Cisco is the world’s largest maker of routers, the devices that direct internet communications, could have a big impact.
Lynn has been hailed a hero by some, warning of future problems with the routers and giving users a chance to protect their systems.
But Cisco and ISS view the presentation differently, and have taken legal action.
On Thursday Cisco and ISS were awarded an injunction against Lynn and the Black Hat conference organisation, prohibiting both parties from disseminating any details of the presentation.
The injunction also forbids Lynn from making further use of, or disclosing, any of the research contained in the presentation.
However, according to the BBC, details of the talk have already made their way onto the internet and, despite a flurry of cease-and-desist letters, the information is spreading.
Hackers are already working on exploits for the flaw, reports Reuters.
