Cisco Denial of Service VoIP Attack

CNET is reporting that routers running the IOS Telephony Service, Cisco CallManager Express and Survivable Remote Site Telephony features could be vulnerable.

The CallManager Express feature enables Cisco IP routers to handle call processing for Cisco IP phones. Cisco said in its warning that certain "malformed packets" sent to the port handling the Skinny Call Control Protocol may cause the device to reload. An attacker exploiting this bug could flood the device with malformed packets that would cause the device to reload over and over again, causing a denial-of-service attack.

Although there are no reports of this attack causing VoIP phones to crash or reboot, the possibility of hackers causing a major corporation with hundreds of Cisco IP phones deployed could cost the company millions - not to mention a very bad black eye for the VoIP industry.

Let's hope Cisco fixed the bug quickly and that this is the last we hear of a vulnerability in their IOS operating system or at least none that affects their VoIP offerings. Wishful thinking I am sure...

January 21, 2005 4:41 PM | 0 Comments | 0 TrackBacks

Categories:

Tags:

Post a comment
View Cisco Denial of Service VoIP Attack news in TechnoratiTechnorati bookmark Cisco Denial of Service VoIP Attack in del.icio.usDel.icio.us Slashdot.comSlashdot Submit Cisco Denial of Service VoIP Attack to Digg.comDigg

Listed below are links to sites that reference Cisco Denial of Service VoIP Attack:

0 TrackBacks

Cisco Denial of Service VoIP Attack TrackBack URL : http://blog.tmcnet.com/mt/mt-tb.cgi/1149

Leave comment to Cisco Denial of Service VoIP Attack article

    View my Microsoft MVP Profile:

Blogroll

Recent Assets

  • motorola-femtocell-voip-prototype.jpg
  • nutsieblackberry.jpg
  • asus eee news_0924a.jpg
  • dell1_72_270x337.jpg
  • skype-for-asterisk.jpg
  • aex410.png
  • foggy-telephone-pole.preview.jpg
  • Sony Bluetooth Watch MBW_TN_70x70.jpg
  • Google G1 HTC 627f69ee-0ea6-46fa-b750-8c995cdad79f.jpg
  • jaginga-logo.gif

Yearly Archives

'04 '05 '06 '07 '08
  Jan Jan Jan Jan
  Feb Feb Feb Feb
Mar Mar Mar Mar Mar
Apr Apr Apr Apr Apr
May May May May May
Jun Jun Jun Jun Jun
Jul Jul Jul Jul Jul
Aug Aug Aug Aug Aug
Sep Sep Sep Sep Sep
Oct Oct Oct Oct  
Nov Nov Nov Nov  
Dec Dec Dec Dec  

Around TMCnet Blogs

  • Communications and Technology Blog - Tehrani.com:
    Which Web 2.0 Companies Are in Trouble?
  • First Coffee:
    CRM for IDOX, Neolane's Marketing Automation, SugarCRM Webcast, Agresso and Sabre, Webalo
  • Greg Galitzine's VoIP Authority Blog:
    TelcoBridges at WiMAX World
  • VoIP & Gadgets Blog:
    Ultimate Ears -- Very Sweet ...
  • Communications and Technology Blog - Tehrani.com:
    Avatars: The Cursor in Communications 2.0
  • First Coffee:
    CRM Training for Infusionsoft, OneSource in Europe, StrongMail and Marketo, Griffin and ReachForce, Kintera Support, NetSuite
  • Greg Galitzine's VoIP Authority Blog:
    Nokia: Out of UC, In with Touch-Screen Phone
  • VoIP & Gadgets Blog:
    Triple Play Moving to Quintuple Play?

    • Latest Whitepapers

  • The PBX Is Dead. Long Live the Integrated Communications System (ICS)
  • Best Practices for Voice Network Utilization
  • The Path to a Needs-based 9-1-1 Network
  • Signaling System 7 (SS7) Pocket Guide: Exclusive reference guide for SS7 signaling professionals
  • SIP Pocket Guide: Exclusive reference guide for Session Initiation Protocol (SIP) professionals
  • SIP Signaling and Session Control Part 1: Upgrading the Next-gen Network
  • Key Performance Indicators (KPIs): Leveraging signaling-based KPIs to optimize the network and improve the business
  • Mobile Security: Malicious attached are just around the corner. Are you protected?
  • Mobile Advertising: The Next Great Revenue Opportunity
  • Mobile Unified Communications: Delivering on the Promise of FMC Seamless Mobility