Cisco VoIP technology open to DoS attacks

By
Follow google news

Cisco Systems said today that its Unified CallManager and Presence Server software contain a number of vulnerabilities that could permit DoS attacks.

Cisco VoIP technology open to DoS attacks
In an advisory, the networking giant said CallManager versions 3.3, 4.1, 4.2 and 5.0, in addition to Presence Server version 1.0, are affected by the flaws.

The most severe of the five vulnerabilities rated 4.7 out of 10 on Cisco's vulnerability scoring system. 

Currently there are no workarounds for the bugs, and the company is developing a permanent fix, which will be distributed when it becomes available, according to a Cisco advisory. In the meantime, users should filter traffic as described in the advisory.

Andrew Storms, director of security operations for nCircle, said the flaws are relatively easy to exploit and can result in a loss of telephone service for an enterprise.

"In one instance, simply sending a large number of [internet control] message protocol) packets to a Cisco Unified CallManager can cause the system to crash," he said.

CallManager provides processing for Cisco's  VoIP software solutions, while the Presence Server tracks the usage of those products.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
attacksciscodosopensecuritytechnologytovoip

Sponsored Whitepapers

2026 Engineering Reality Report
2026 Engineering Reality Report
How Kraft Heinz Transformed Planning with AI & 5 M+ Data Sets
How Kraft Heinz Transformed Planning with AI & 5 M+ Data Sets
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21

Events

Most Read Articles

Tasmanian gov agencies impacted by cyber attack

Tasmanian gov agencies impacted by cyber attack
Australian chief at US defence contractor L3Harris sold exploits to Russia

Australian chief at US defence contractor L3Harris sold exploits to Russia
Vic gov agencies flying blind on server security, audit finds

Vic gov agencies flying blind on server security, audit finds
The BoM has finally tamed SSL

The BoM has finally tamed SSL
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?