
Outrageously shocking: More than 100 Cisco, Avaya and Nortel VoIP security holes discovered

By Brad Reese on Wed, 04/02/08 - 7:54pm.


It is shocking and outrageous that there are more than 100 security holes in VoIP products from Cisco, Avaya and Nortel.

The flaws were discovered by VoIP security solutions vendor VoIPshield, which revealed the vulnerabilities to the public today.

Since VoIPshield Labs is continuously finding new vulnerabilities, it plans monthly disclosures to VoIP equipment vendors, followed by public disclosure.

An interesting example of an identified Cisco VoIP vulnerability revealed today is shown below:

Example of a Cisco VoIP Vulnerability

In the above example, a potential attacker exploiting the Cisco Unified Communication Manager (UCM) vulnerability related to its Disaster Recovery Network could obtain full access to the UCM by getting a remote shell on the attacker's machine.

Subsequently, the attacker could disable UCM completely, download all the information from UCM to the attacker's machine, or upload an executable file to the UCM.

Then the attacker could force all the Cisco softphones connected to this UCM to reboot and download that executable file.

It could be a bot, Trojan or worm.

Once the executable is downloaded and executed, the attacker has full access to the user's laptop running the softphone.

This scenario could be repeated when, for example, the user of the laptop connects to another UCM.


VoIPshield has been working with major VoIP vendors since last December.

Following the terms of their Responsible Disclosure Policy, VoIPshield provided all of the VoIP vendors with detailed vulnerability descriptions and enough time to reproduce and respond to them.

Different vendors responded in different ways. Some of them accused VoIPshield of grandstanding, self-promotion and skirting the boundaries of ethical disclosure.

But others, specifically Cisco Systems, responded in a professional manner, acknowledged the issues and are working with VoIPshield to resolve them.


"Personally I was surprised that Cisco Systems, known for not being very forthcoming when their products are singled out because of security issues, was very professional and willing to work with us to solve these issues," said Bogdan Materna - Founder & CTO of VoIPshield.

"It was nice to see."


There are over 1.2 billion landline and over 2 billion wireless phones (there are fewer than 1 billion PCs).

They are all converging on common VoIP network infrastructure and becoming part of the Internet.

But as we have seen in the early days of the Internet, security problems are being downplayed or outright ignored.

Vendors are rushing to market with new applications and devices without proper security.

Users are, in most cases, not aware that their new voice infrastructure brings serious security problems and exposures.

There are simple ways of quickly assessing the security of VoIP networks, for example, by using VoIP Vulnerability Assessment tools such as VoIPauditLite, which VoIPshield makes available as a free download.

And if you want to protect your VoIP infrastructure from these attacks, you may wish to think about deploying a VoIP Intrusion Prevention System (VIPS) such as VoIPguard.

View VoIP Security Resources:

Identified VoIP Vulnerability Database
VoIP Security Industry Resources
VoIP Security White Papers
Learn About VoIP Security

View dramatization of hacking into a financial institution's VoIP telephony system and see just how vulnerable enterprise VoIP systems really are:


If YOU were a sales executive with a Cisco reseller, would YOU get FIRED for bringing up VoIP security with a potential VoIP enterprise customer?

Contact Brad Reese
http://www.BradReese.Com
