A software flaw in Cisco's Internet phones could create problems for users by crashing their phones.
The flaw, one which makes Cisco's phones vulnerable to a Denial of Service attack, was discovered by British researchers at the NISCC. Specifically, the flaw is in the handling of DNS protocol by the phone's software.
Cisco recently signed a deal with British Airways to provide the carrier with 8,500 VoIP phones.
A patch for the flaw has been made available by Cisco, and users affected by the problem should contact their administrators or vendors for assistance.
The flaw happens when compressed logfiles on DNS servers are decompressed by the phone. A specially crafted DNS packet could cause an error in processing the decompressed information, crashing the IP phone.
Cisco's advisory says only devices running DNS clients have been impacted, according to Silicon.com. The flaw doesn't appear in devices performing DNS server or DNS inspection functions.
David Utter is a staff writer for WebProNews covering technology and business. Email him here.
PGP Creator Developing Secure VoIP PhonesReport: Cisco Systems Captures Enterprise Voice Revenue Market ShareCovad Offers Business-class VoIP Services Based on Cisco Equipment Intel and Cisco Plan To Better Wi-Fi and VoIPStudy: Mobile Phones More Dangerous Than SmokingVoIP Gets A Big Business NudgeVoIP Service Provider A vs. VoIP Service Provider BRacing With CiscoVoIP Small Business/Home Business AdvantageCisco Systems in Second Life
     |
RSS
Home
Newsletter
Advertising
Comments
Post new comment