Rich Adamson
2006-Jan-17 06:18 UTC
[Asterisk-Users] FYI - Cisco IP Phones SYN Flood Device Reload Vulnerability
> TITLE:
> Cisco IP Phones SYN Flood Device Reload Vulnerability
>
> SECUNIA ADVISORY ID:
> SA18479
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/18479/
>
> CRITICAL:
> Less critical
>
> IMPACT:
> DoS
>
> WHERE:
> From local network
>
> OPERATING SYSTEM:
> Cisco IP Phone 7900 Series
> http://secunia.com/product/2809/
>
> SOFTWARE:
> Cisco IP Phones 7960
> http://secunia.com/product/287/
> Cisco IP Phone 7940
> http://secunia.com/product/1113/
>
> DESCRIPTION:
> A vulnerability has been reported in Cisco 7940 and 7960 IP Phones,
> which can be exploited by malicious people to cause a DoS (Denial of
> Service).
>
> The vulnerability is caused due to an error in the IP Stack. This can
> be exploited to cause the IP Phone to reload by sending a SYN flood to
> an arbitrary port.
>
> SOLUTION:
> Update to firmware revision 7.1(1) or later, which have the
> capability to perform load control using TCP throttling. This
> prevents a device from reloading.
>
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits Knud Erik Højgaard.
>
> ORIGINAL ADVISORY:
> http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml