Cisco has fixed two security flaws in one of its main voice over IP products, which could allow attackers to crash...
company networks or take over systems.
The security of VoIP systems has come under immense scrutiny over the last 18 months, as take-up of the systems has rapidly grown and the number of security threats has mushroomed in response.
Cisco, as the leading network hardware and software company, has already been at the centre of a number of VoIP security alerts in recent months, being forced to regularly patch VoIP products.
This week, the company issued two security alerts along with fixes for Cisco CallManager. This platform manages VoIP calling and two security bugs have been found in the software.
One of them allows an attacker to crash a VoIP network, the other allows someone with only read-only access to the system to gain full network privileges.
Both flaws affect CallManager 3.2 and earlier versions, as well as certain versions of CallManager 3.3, 4.0 and 4.1.
Cisco has also just patched a vulnerability in its Internetwork Operating System (IOS), the main operating system for its network switches and routers.
This flaw also allows a remote attacker to crash a network.