- New attack fells Internet Explorer
- Steve Jobs is a man of a few words
- Oddball gifts for uber geeks
- Global warming research exposed after hack
- Google adding IPv6 to YouTube
Cisco Tuesday reacted to a warning from the U.K.'s National Infrastructure Security Co-ordination Centre that it had discovered a software flaw capable of causing the company's IP telephones to crash.
The San Jose company issued a patch for the DNS protocol vulnerability, as well as free software, to fix the problem. The NISCC, also on Tuesday, categorized the flaw, which makes IP phones vulnerable to denial-of-service attacks, as a moderate risk that also affects other software.
In its warning, the NISCC said that under certain circumstances, it is possible to cause both DNS servers and DNS clients to terminate abnormally by sending malformed messages.
Cisco said it knew of no products performing DNS server functions, or DNS packet inspection, which the vulnerability affects. The company also said that the problem only seemed to concern DNS clients running on its IP phones and content-networking products. Cisco's list of affected products included Cisco IP Phones 7902/7905/7912, Cisco ATA (Analog Telephone Adaptor) 186/188, as well as several Cisco Unity Express and Cisco ACNS (Application and Content Networking System) devices.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment