Cisco fixes VoIP security problem


Cisco fixes VoIP security problem

Antony Savvas

Cisco has fixed two security flaws in one of its main voice over IP products, which could allow attackers to crash company networks or take over systems.

The security of VoIP systems has come under immense scrutiny over the last 18 months, as take-up of the systems has rapidly grown and the number of security threats has mushroomed in response.

Cisco, as the leading network hardware and software company, has already been at the centre of a number of VoIP security alerts in recent months, being forced to regularly patch VoIP products.

This week, the company issued two security alerts along with fixes for Cisco CallManager. This platform manages VoIP calling and two security bugs have been found in the software.

One of them allows an attacker to crash a VoIP network, the other allows someone with only read-only access to the system to gain full network privileges.

Both flaws affect CallManager 3.2 and earlier versions, as well as certain versions of CallManager 3.3, 4.0 and 4.1.

Cisco has also just patched a vulnerability in its Internetwork Operating System (IOS), the main operating system for its network switches and routers.

This flaw also allows a remote attacker to crash a network.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy