[Asterisk-Users] FYI - Cisco IP Phones SYN Flood Device Reload Vulnerability
Rich Adamson
radamson at routers.com
Tue Jan 17 06:18:44 MST 2006
> TITLE:
> Cisco IP Phones SYN Flood Device Reload Vulnerability
>
> SECUNIA ADVISORY ID:
> SA18479
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/18479/
>
> CRITICAL:
> Less critical
>
> IMPACT:
> DoS
>
> WHERE:
> From local network
>
> OPERATING SYSTEM:
> Cisco IP Phone 7900 Series
> http://secunia.com/product/2809/
>
> SOFTWARE:
> Cisco IP Phones 7960
> http://secunia.com/product/287/
> Cisco IP Phone 7940
> http://secunia.com/product/1113/
>
> DESCRIPTION:
> A vulnerability has been reported in Cisco 7940 and 7960 IP Phones,
> which can be exploited by malicious people to cause a DoS (Denial of
> Service).
>
> The vulnerability is caused due to an error in the IP Stack. This can
> be exploited to cause the IP Phone to reload by sending a SYN flood to
> an arbitrary port.
>
> SOLUTION:
> Update to firmware revision 7.1(1) or later, which have the
> capability to perform load control using TCP throttling. This
> prevents a device from reloading.
>
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits Knud Erik Højgaard.
>
> ORIGINAL ADVISORY:
> http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml