thr3ads.net - asterisk users - [Asterisk-Users] FYI - Cisco IP Phones SYN Flood Device Reload Vulnerability [Jan 2006]

If this information is useful, please help other people find it:
Share via:

Rich Adamson

2006-Jan-17 06:18 UTC

[Asterisk-Users] FYI - Cisco IP Phones SYN Flood Device Reload Vulnerability

> TITLE:
> Cisco IP Phones SYN Flood Device Reload Vulnerability
> 
> SECUNIA ADVISORY ID:
> SA18479
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/18479/
> 
> CRITICAL:
> Less critical
> 
> IMPACT:
> DoS
> 
> WHERE:
> >From local network
> 
> OPERATING SYSTEM:
> Cisco IP Phone 7900 Series
> http://secunia.com/product/2809/
> 
> SOFTWARE:
> Cisco IP Phones 7960
> http://secunia.com/product/287/
> Cisco IP Phone 7940
> http://secunia.com/product/1113/
> 
> DESCRIPTION:
> A vulnerability has been reported in Cisco 7940 and 7960 IP Phones,
> which can be exploited by malicious people to cause a DoS (Denial of
> Service).
> 
> The vulnerability is caused due to an error in the IP Stack. This can
> be exploited to cause the IP Phone to reload by sending a SYN flood to
> an arbitrary port.
> 
> SOLUTION:
> Update to firmware revision 7.1(1) or later, which have the
> capability to perform load control using TCP throttling. This
> prevents a device from reloading.
> 
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits Knud Erik H?jgaard.
> 
> ORIGINAL ADVISORY:
>
http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml

asterisk users - Jan 2006 - FYI - Cisco IP Phones SYN Flood Device Reload Vulnerability

[Asterisk-Users] FYI - Cisco IP Phones SYN Flood Device Reload Vulnerability