Cisco 7940/7960 IP Phones Can Be Crashed by Remote Users
|
|
SecurityTracker Alert ID: 1015488 |
|
SecurityTracker URL: http://securitytracker.com/id/1015488
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Updated: Jan 14 2006
|
Original Entry Date: Jan 13 2006
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes
|
Version(s): prior to 7.1(1)
|
Description:
A vulnerability was reported in Cisco 7940 and 7960 IP Phones. A remote user can cause denial of service conditions.
A reomte user can send a series of TCP SYN packets to any port on the target phone to trigger a flaw in the phone's IP stack and cause the phone to reload.
The Cisco 7940 and 7960 IP Phones are affected.
Cisco has assigned Cisco bug ID CSCef33398 to this vulnerability.
Cisco credits Knud Erik Hojgaard with reporting this vulnerability.
A demonstration exploit is available at:
http://www.milw0rm.com/id.php?id=1411
|
Impact:
A remote user can cause the target phone to reload.
|
Solution:
The vendor has issued a fixed version (7.1(1)) to reduce the impact of a denial of service attacks. Normal operations may be affected but the device will not crash and reload.
The vendor's Security Notice is available at:
http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml
|
Vendor URL: www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml (Links to External Site)
|
Cause:
State error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 13 Jan 2006 17:51:00 -0500
Subject: Cisco Security Notice: Response to Cisco IP Phone 7940 DoS Exploit posted on milw0rm.com
|
http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml
|
|
