Cisco 7940/7960 IP Phones Can Be Crashed by Remote Users
|
|
SecurityTracker Alert ID: 1015488
|
|
SecurityTracker URL: http://securitytracker.com/id?1015488
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Updated: Jan 14 2006
|
Original Entry Date: Jan 13 2006
|
Impact: Denial of service via network
|
Fix Available: Yes
Exploit Included: Yes
Vendor Confirmed: Yes
|
Advisory: Cisco Security Advisory
|
Version(s): prior to 7.1(1)
|
Description: A vulnerability was reported in Cisco 7940 and 7960 IP Phones. A remote user can cause denial of service conditions.
A reomte user can send a series of TCP SYN packets to any port on the target phone to trigger a flaw in the phone's IP stack and
cause the phone to reload.
The Cisco 7940 and 7960 IP Phones are affected.
Cisco has assigned Cisco bug ID CSCef33398 to this
vulnerability.
Cisco credits Knud Erik Hojgaard with reporting this vulnerability.
A demonstration exploit is available at:
http://www.milw0rm.com/id.php?id=1411
|
Impact: A remote user can cause the target phone to reload.
|
Solution: The vendor has issued a fixed version (7.1(1)) to reduce the impact of a denial of service attacks. Normal operations may be affected
but the device will not crash and reload.
The vendor's Security Notice is available at:
http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml
|
Vendor URL: www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml (Links to External Site)
|
Cause: State error
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 13 Jan 2006 17:51:00 -0500
Subject: Cisco Security Notice: Response to Cisco IP Phone 7940 DoS Exploit posted on milw0rm.com
|
http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml
|
|
