Cisco should really be ashamed of this product... While it is physically well constructed, and has excellent sound quality along with a very pleasant user interface, the device has SERIOUS stability issues, unless you run your network with an iron fist... Quite by accident, while configuring my Asterisk system to connect to a Cisco 7960 via SIP in a standard office PBX type arrangement, I discovered something interesting... By screwing around with both the source IP address of a SIP message, along with certain IP addresses in the SIP message itself, it's quite easy to crash the Cisco. In short, it would be trivial to DOS (by forcing continuous crashes and the subsequent reboots) any Cisco 7960 that you can route UDP packets to... Matt Hardeman PaperSoft -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20030711/54f57de2/attachment.htm
Cisco and bugtraq need to know this! josh. On Fri, 2003-07-11 at 09:21, Matthew Hardeman wrote:> Cisco should really be ashamed of this product... > > While it is physically well constructed, and has excellent sound > quality along with a very pleasant user interface, the device has > SERIOUS stability issues, unless you run your network with an iron > fist... > > Quite by accident, while configuring my Asterisk system to connect to > a Cisco 7960 via SIP in a standard office PBX type arrangement, I > discovered something interesting... > > By screwing around with both the source IP address of a SIP message, > along with certain IP addresses in the SIP message itself, it's quite > easy to crash the Cisco. > > In short, it would be trivial to DOS (by forcing continuous crashes > and the subsequent reboots) any Cisco 7960 that you can route UDP > packets to... > > Matt Hardeman > PaperSoft > >-- ----------------------------------------------------------- Josh Howlett, Networking & Digital Communications, Information Systems & Computing, University of Bristol, U.K. 'phone: 0117 928 7850 email: josh.howlett@bris.ac.uk ------------------------------------------------------------
Sounds like a security issue. Verify the issue and email bugtraq@securityfocus.com Cisco will take a look at it once it hits bugtraq I am sure. Erik -----Original Message----- From: asterisk-users-admin@lists.digium.com [mailto:asterisk-users-admin@lists.digium.com]On Behalf Of Matthew Hardeman Sent: Friday, July 11, 2003 3:21 AM To: asterisk-users@lists.digium.com Subject: [Asterisk-Users] Cisco 7960s Cisco should really be ashamed of this product... While it is physically well constructed, and has excellent sound quality along with a very pleasant user interface, the device has SERIOUS stability issues, unless you run your network with an iron fist... Quite by accident, while configuring my Asterisk system to connect to a Cisco 7960 via SIP in a standard office PBX type arrangement, I discovered something interesting... By screwing around with both the source IP address of a SIP message, along with certain IP addresses in the SIP message itself, it's quite easy to crash the Cisco. In short, it would be trivial to DOS (by forcing continuous crashes and the subsequent reboots) any Cisco 7960 that you can route UDP packets to... Matt Hardeman PaperSoft