February 19, 2008
Cisco Issues Security Alerts for its Unified Communications Products
By Patrick Barnard, TMCnet Assignment Editor
Cisco (News - Alert) has issued two security alerts relating to flaws in its unified communications products which could enable hackers to launch denial of service attacks or hack into company telephony systems and retrieve sensitive information, among other annoyances.
According to published reports, one of the alerts concerns a flaw in certain Cisco Unified IP Phone models running its Skinny Call Control Protocol (SCCP) and/or Session Initiation Protocol (News - Alert) (SIP). The other alert relates to a vulnerability which might enable a hacker to launch an SQL Injection attack affecting Cisco's Unified Communications (News - Alert) Manager software.
Numerous models of Cisco’s SCCP- and SIP-based phones contain a buffer overflow vulnerability in the handling of DNS responses. The company said a hacker launching a specially-crafted DNS response might be able to trigger a buffer overflow and execute arbitrary code on a vulnerable phone. The company has already patched the vulnerability in SCCP firmware version 8.0(8) and SIP firmware version 8.8(0), but certain other versions are still vulnerable.
As per a report appearing Wednesday on Network World (News - Alert), there are, in fact, “three vulnerablities that affect certain SCCP devices: a large Internet Control Message Protocol (ICMP) Echo Request DOS, which can cause a vulnerable device to reboot by sending a large ICMP echo request packet; an HTTP Server DOS problem that could cause certain phones to reboot by sending a specially crafted HTTP request to TCP port 80; and a Secure Shell (SSH) flaw in other Cisco phones that could cause the phones to reboot if an unauthenticated attacker sent a specially crafted packet to port 22.” The company is reportedly working to fix all vulnerabilities. Cisco has also reportedly identified three vulnerabilities affecting its SIP devices, including a SIP Multipurpose Internet Mail Extensions (MIME) boundary overflow, a Telnet Server overflow, and a SIP Proxy Response overflow.”
This makes three UC-related alerts that Cisco has had to make so far this year. In January the company sent out an alert warning that its Unified Communications Manager contains a “heap overflow” vulnerability in the Certificate Trust List that could allow a hacker to cause a denial-of-service attack or execute arbitrary code.
Cisco has reportedly released free software updates to address the aforementioned vulnerability in Unified Communications Manager, which could open it up to an SQL injection attack in the parameter key of the admin and user interface pages. Such an attack could give a hacker access to usernames and password hashes that are stored in the database.
Don’t forget to check out TMCnet’s White Paper Library, which provides a selection of in-depth information on relevant topics affecting the IP Communications industry. The library offers whitepapers, case studies and other documents which are free to registered users. Today’s featured white paper is Call Center First Call Resolution Guide, brought to you by Enkata.
Session Initiation Protocol (SIP) | X | SIP is the real-time communication protocol for VoIP. SIP is a signaling protocol for Internet conferencing, telephony, presence, events notification (emergency calling) and instant messaging.
SIP...more |
Transmission Control Protocol (TCP) | X | Transmission Control Protocol is the connection-oriented protocol that verifies IP packets are sent and received reliably. TCP relies on a sliding-window (slide the window to the receiver with data a...more |
Domain Name Server (DNS) | X | DNS basic functions provide:
- A way to identify computers like phone numbers.
- Servers called Proxy Servers change web site URL-Uniform Resource Locator words and names such as www.techtionary.com...more |
Internet Protocol (IP) | X | IP stands for Internet Protocol, a data-networking protocol developed throughout the 1980s. It is the established standard protocol for transmitting and receiving data
in packets over the Internet. I...more |
SIP Proxy | X | Proxy Server call flow where Proxy Server sets up call. Proxy Server is an optional SIP-Session Initiation Protocol component that handles routing of SIP signaling but does not initiate SIP messages....more |
(source: http://visualvoicemail.tmcnet.com/unified-communications/articles/20968-cisco-issues-security-alerts-its-unified-communications-products.htm)
|
|