Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Cisco product flaws affect VoIP gear, routers

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Cisco product flaws affect VoIP gear, routers
Date: Fri, 20 Jan 2006 00:14:43 -0600 (CST) 
http://www.networkworld.com/news/2006/011906-cisco-voip-flaw.html

By Phil Hochmuth
NetworkWorld.com
01/19/06

A triad of Cisco product vulnerabilities could cause problems for
users of the company's IP PBXs and certain routers, Cisco warned this
week.

One vulnerability affecting Cisco CallManagers could leave the IP PBX
servers open to denial-of-service attacks, potentially shutting down
phone service inside an organization using Cisco CallManagers.

Cisco says the DoS vulnerability exists because CallManager servers do
not time out TCP connections on certain ports fast enough. This could
cause overuse of CPU and memory resources on the server and lead to a
crash or reboot and IP phones not responding with dial tone, the
company says.

Vulnerable versions of CallManager are 3.2, 3.3, 4.0 and 4.1. Theses
versions "do not manage TCP connections and Windows messages
aggressively," says a Cisco bulletin warning of the vulnerabilities.

Since such an attack would require network access to CallManagers,
which are typically deployed behind a firewall, an external DoS attack
on the IP PBX is less likely.

Another vulnerability warning sent to customers this week involves the
Multi Level Administrator service on CallManager servers.  
Administrative users without read-write administrator-level access to
the CallManager could bump up their privileges by sending a "crafted
URL" to the CallManager administrator Web page on the server. This
vulnerability affects the same CallManager versions as the DoS issue,
Cisco says.

Software fixes for both CallManager vulnerabilities are available.

The third bulletin from Cisco this week warns of a problem in the
vendor's IOS router software that could result in a remotely executed
DoS attack on Cisco gear. The problem is with the Cisco IOS Stack
Group Bidding Protocol (SGBP), which is used on routers that aggregate
multiple Point-to-Point Protocol (PPP) connections. When aggregating
multiple PPP links, known as Multilink PPP, the SGBP is used by
devices connected via Multilink PPP to identify each other.

Cisco says that if a specially crafted UDP packet is sent to port 9900
on an affected router (i.e., a device running Multilink PPP and SGBP)  
the device could freeze. Cisco has issued a software fix for the
problem.

Short of upgrading IOS software, users can also set up an access
control list to block untrusted access to a router via SGBP, Cisco
says.



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Cisco product flaws affect VoIP gear, routers, InfoSec News <=
Previous by Date:  [ISN] In the interest of helping journalists cover Oracle.., InfoSec News
Next by Date:  [ISN] Computer crime costs $67 billion, FBI says, InfoSec News
Previous by Thread:  [ISN] In the interest of helping journalists cover Oracle.., InfoSec News
Next by Thread:  [ISN] Computer crime costs $67 billion, FBI says, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]