According to TechWeb, flaws in Cisco's Call Manager software could allow an attacker to bring down the software resulting in a DoS (denial of service) attack that will knock your VoIP-based phone system offline.
According to Internet Security Systems' (ISS) X-Force research team, Cisco's CallManager has a pair of bugs that could be exploited by hackers. Cisco has released an advisory on this bug.
In addition to a potential denial-of-service style crash, ISS explains a possible scenarion where the attacker "could redirect calls at will or even eavesdrop on conversations". Yikes!
Expect to see lots of mainsteam news outlets quoting analysts who say "This is why VoIP is not ready for prime-time." or "VoIP is suitable for residential deployments, ala Vonage, CallVantage, etc. but businesses where phone service is critical should carefully consider the implications of using VoIP."
Oh no, the sky is falling! Find a bug in VoIP and all of sudden, VoIP isn't reliable enough. Sometimes the MSM (main-stream media) goes overboard by "sensationalizing" news. The Cisco bug is important, don't get me wrong, but I will be annoyed if I read some industry analyst who states VoIP is not good, practical, or "reliable" for businesses. I'm sure they will be out there with their egos - just to get their name in lights and quoted by the major news outlets.
And speaking of the MSM and sensationalizing, this reminds me of New York Sen. Chuck Schumer, who I just can't seem to get away from when I watch CNN, Fox News, etc. That man is everywhere espousing his opinion on everything from who President Bush should nominate to the Supreme Court to Karl Rove should be fired, etc. etc. Everything to Sen. Schumer is a damn crisis. He seems like a bright enough guy, but I just have to change the channel whenever he comes on. His ego is too big - even for me.
Cisco Call Manager Security Flaw
Categories:
Technorati
Del.icio.us
Slashdot
Digg
twitter- Related Entries to Cisco Call Manager Security Flaw
- SmartSIP Launches for OCS 2007 R2 Enabling Any SIP Phone & Any SIP Trunking Service Provider - Mar 04, 2009
- John Chambers Blogs about Broadband Stimulus on GigaOM - Mar 04, 2009
- SHSU Switches Back to Cisco CallManager from Asterisk - Feb 27, 2009
- Cisco TelePresence Video Conferencing Enables Fans to Interact with NBA Players - Feb 13, 2009
- Cisco Unified MeetingPlace 7.0 with WebEx integration Review - Feb 05, 2009
- Cisco ASR 9000 High-end Router Launches - Nov 11, 2008
- Cisco AutoQoS Enables Easy VoIP QoS - Sep 11, 2008
- Digium AsteriskNOW News and more... - Aug 25, 2008
- The IP-PBX Energy Wars... - Aug 04, 2008
- Cisco Manager Meets Jurassic Park - Jul 10, 2008
Listed below are links to sites that reference Cisco Call Manager Security Flaw:
Cisco Call Manager Security Flaw TrackBack URL : http://blog.tmcnet.com/mt/mt-tb.cgi/9443
Related Entries
- SmartSIP Launches for OCS 2007 R2 Enabling Any SIP Phone & Any SIP Trunking Service Provider
- John Chambers Blogs about Broadband Stimulus on GigaOM
- SHSU Switches Back to Cisco CallManager from Asterisk
- Cisco TelePresence Video Conferencing Enables Fans to Interact with NBA Players
- Cisco Unified MeetingPlace 7.0 with WebEx integration Review
- Cisco ASR 9000 High-end Router Launches
- Cisco AutoQoS Enables Easy VoIP QoS
- Digium AsteriskNOW News and more...
- The IP-PBX Energy Wars...
- Cisco Manager Meets Jurassic Park
Leave a comment