Cisco’s VOIP Vulnerability

July 22nd, 2005

Cisco systems annouced a particularly serious vulnerability that would allow attackers to cripple internal telephone networks.

This exploit would take advantage of security holes found in Cisco’s CallManager software one of the key components of Cisco’s VOIP products. This vulnerability could lead to Denial of Service or even a complete compromise of the VOIP server. From there an attacker could ease drop on phone calls, interrupt and even compromise further systems. To date there have been no reports of attacks using this vulnerability which may stem from the fact that to fully exploit the hole, one must already be inside the network.

You can view Cisco’s Full Disclore report here: http://www.cisco.com/warp/public/707/cisco-sa-20050712-ccm.shtml#summary

Entry Filed under: Vulnerabilities

Leave a Comment

Required

Required, hidden

Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Trackback this post  |  Subscribe to the comments via RSS Feed

Calendar

July 2005
M T W T F S S
    Jan »
 123
45678910
11121314151617
18192021222324
25262728293031

Most Recent Posts