The Unified CallManager 5.0, software handles call processing for Cisco VoIP solutions, which has two faults in its command line management interface.
The two vulnerabilities are:
1. Unified CallManager 5.0 software
2. Web-based interface to configure Cisco routers
Cisco has now upgraded the Unified CallManager 5.0 software. It supports session initiation protocol and includes buffer overflow vulnerability. So that attackers can exploit by placing hostnames into SIP requests with malicious code making the way for code execution and denial of service attacks.
Cisco has also opened a vulnerability, which affects the Cisco Router Web Setup tool, and is used to configure routers. This error is centered on the failure of applications properly to authenticate remote web based users and it will allow an attacker to gain elevated administration privileges.
Cisco has also released software fixes, which address the issue, and affects CRWS for Cisco SOHO and Cisco 800 series routers with version prior to 3.3.0 build 31.
Via: CRN
Cisco releases pair of VoIP vulnerabilities
Add Your Comment
Instablogs Club
Fresh Comments
on Vonage, Verizon end legal... $117 million isn’t that much for the VoIP giant however I have a strange feeling...
on MagicJack makes VoIP simple... I agree with doode, it would be nice if this tool can be access with headset and...
on PC hacking though VoIP is... Every new tech have new cheat. Just like in gaming tech, a new game launched then there...
on Dubai bans VoIP in free zones It’s a disappointing decision. Nowadays a VoIP-based communication is the best ways...
on Talkswitch intros three VoIP ... Is this Voip Phone. this is nice tech for net phone.
Shopping
To Advertise please Contact Us.