Network World
Saturday, November 22, 2008
DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Cisco Subnet Blog

Cisco Subnet
NetworkWorld.com > Community > Cisco Subnet Blog

Navigation

Cisco VoIP vulnerabilities revealed today

By Cisco Subnet on Wed, 06/25/2008 - 10:05am.

Cisco’s VoIP customers need to pay attention to its expected announcement today that its call server software has vulnerabilities. The VoIP security company VoIPshield says Cisco gear and that of its two chief rivals, Avaya and Nortel, have vulnerabilities that leave their systems open to a range of attacks. Cisco has been told about the vulnerabilities and may have fixes for them today, but that is not clear. VoIPshield says one of the three companies will just issue an advisory about its flaws but not fixes.

VoIPshield has an ongoing program to probe the VoIP platforms of the big three in corporate VoIP sales, and found vulnerabilities earlier. It releases its results three times a year after it has told the affected vendors about them and given them time to come up with a response. Clearly it’s good business for VoIPshield, which sells VoIP security products, because if VoIP gear has security flaws, it will sell more of its protection. But it’s also good for customers who haven’t got the time to perform vulnerability testing of their own. It might even be good for Cisco and its competitors that apparently aren’t finding these flaws on their own. As long as they move to fix them in a timely fashion, it’s not an indictment of their products. The software hasn’t been written that wasn’t subject to some revisions.

More from Cisco Subnet:
More Cisco Security advisories and patches
Nexus vs. Catalyst 6500
One or two more years before WiMAX will be hot
CCIE sentenced in Cisco SMARTnet fraud
Cisco's vision for the virtual data center
Free books, training, gift certificates -- giveaways for June from Cisco Subnet
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.

Permalink
Tags:

Vulnerabilities confirmed, patches released

Useful answer?
0
By Cisco Subnet on Thu, 06/26/2008 - 9:43am.

See this Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities .

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <i> <b> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote> <br /> <br> <p>
  • Lines and paragraphs break automatically.
  • You can use BBCode tags in the text.
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.

About the Cisco Subnet Blog

RSS feed Blog archive.

The Cisco Subnet blog is the official blog of the Network World Cisco Subnet community, managed by Editor Linda Leung. Cisco Subnet is the independent voice of Cisco customers and is your gateway to daily Cisco news, blogs, opinion, books, prize giveaways and more. Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.

LAN & WAN news

RSS feed (WAN community)

The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.

Advertisement: