A flaw in the Cisco Internetwork Operating System (IOS) used in most Cisco routers could allow a hacker to completely crash a company’s phone network using a denial of service attack (DoS).
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
IOS software configured for the Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST) phone systems contains the flaw.
In a statement on its website Cisco said a successful exploitation of the flaw "may cause a reload of the device which could be exploited repeatedly to produce a Denial of Service (DoS) attack".
Cisco has issued a patch to solve the problem in the affected products and more information is available at www.cisco.com/warp/public/707/cisco-sa-20050119-itscme.shtml
There are also workarounds available to reduce the risk of the problem, said Cisco.