February 19, 2008

Cisco Issues Security Alerts for its Unified Communications Products

By Patrick Barnard, TMCnet Assignment Editor

According to published reports, one of the alerts concerns a flaw in certain Cisco Unified IP Phone models running its Skinny Call Control Protocol (SCCP) and/or Session Initiation Protocol (News - Alert) (SIP). The other alert relates to a vulnerability which might enable a hacker to launch an SQL Injection attack affecting Cisco's Unified Communications (News - Alert) Manager software. 

Numerous models of Cisco’s SCCP- and SIP-based phones contain a buffer overflow vulnerability in the handling of DNS responses. The company said a hacker launching a specially-crafted DNS response might be able to trigger a buffer overflow and execute arbitrary code on a vulnerable phone. The company has already patched the vulnerability in SCCP firmware version 8.0(8) and SIP firmware version 8.8(0), but certain other versions are still vulnerable.

As per a report appearing Wednesday on Network World (News - Alert), there are, in fact, “three vulnerablities that affect certain SCCP devices: a large Internet Control Message Protocol (ICMP) Echo Request DOS, which can cause a vulnerable device to reboot by sending a large ICMP echo request packet; an HTTP Server DOS problem that could cause certain phones to reboot by sending a specially crafted HTTP request to TCP port 80; and a Secure Shell (SSH) flaw in other Cisco phones that could cause the phones to reboot if an unauthenticated attacker sent a specially crafted packet to port 22.” The company is reportedly working to fix all vulnerabilities. Cisco has also reportedly identified three vulnerabilities affecting its SIP devices, including a SIP Multipurpose Internet Mail Extensions (MIME) boundary overflow, a Telnet Server overflow, and a SIP Proxy Response overflow.”

Don’t forget to check out TMCnet’s White Paper Library, which provides a selection of in-depth information on relevant topics affecting the IP Communications industry. The library offers whitepapers, case studies and other documents which are free to registered users. Today’s featured white paper is Call Center First Call Resolution Guide, brought to you by Enkata.

Session Initiation Protocol (SIP)	X
SIP is the real-time communication protocol for VoIP. SIP is a signaling protocol for Internet conferencing, telephony, presence, events notification (emergency calling) and instant messaging. SIP...more

Transmission Control Protocol (TCP)	X
Transmission Control Protocol is the connection-oriented protocol that verifies IP packets are sent and received reliably. TCP relies on a sliding-window (slide the window to the receiver with data a...more

Domain Name Server (DNS)	X
DNS basic functions provide: - A way to identify computers like phone numbers. - Servers called Proxy Servers change web site URL-Uniform Resource Locator words and names such as www.techtionary.com...more

Internet Protocol (IP)	X
IP stands for Internet Protocol, a data-networking protocol developed throughout the 1980s. It is the established standard protocol for transmitting and receiving data in packets over the Internet. I...more

SIP Proxy	X
Proxy Server call flow where Proxy Server sets up call. Proxy Server is an optional SIP-Session Initiation Protocol component that handles routing of SIP signaling but does not initiate SIP messages....more

(source: http://visualvoicemail.tmcnet.com/unified-communications/articles/20968-cisco-issues-security-alerts-its-unified-communications-products.htm)