Cisco VoIP Phones Have DoS Problem

Get the WebProNews Newsletter:

[ Business]

A software flaw in Cisco’s Internet phones could create problems for users by crashing their phones.

The flaw, one which makes Cisco’s phones vulnerable to a Denial of Service attack, was discovered by British researchers at the NISCC. Specifically, the flaw is in the handling of DNS protocol by the phone’s software.

Cisco recently signed a deal with British Airways to provide the carrier with 8,500 VoIP phones.

A patch for the flaw has been made available by Cisco, and users affected by the problem should contact their administrators or vendors for assistance.

The flaw happens when compressed logfiles on DNS servers are decompressed by the phone. A specially crafted DNS packet could cause an error in processing the decompressed information, crashing the IP phone.

Cisco’s advisory says only devices running DNS clients have been impacted, according to Silicon.com. The flaw doesn’t appear in devices performing DNS server or DNS inspection functions.

David Utter is a staff writer for WebProNews covering technology and business. Email him here.

Cisco VoIP Phones Have DoS Problem
Comments Off
Top Rated White Papers and Resources

Comments are closed.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom