Sponsored By

More Cisco, Avaya, Nortel Vulnerabilities NamedMore Cisco, Avaya, Nortel Vulnerabilities Named

VOIPShield has released a new raft of vulnerabilities that it found in IP telephony systems from Cisco, Avaya and Nortel (announcement here ; vulnerability details here ). Unlike its previous such announcement, VOIPShield has this time coordinated the release with the affected vendors, avoiding the criticism it faced the last time, when VOIPShield went public with the vulnerabilities before the affected vendors could address all of them.

Eric Krapf

June 26, 2008

6 Min Read
No Jitter logo in a gray background | No Jitter

VOIPShield has released a new raft of vulnerabilities that it found in IP telephony systems from Cisco, Avaya and Nortel (announcement here; vulnerability details here). Unlike its previous such announcement, VOIPShield has this time coordinated the release with the affected vendors, avoiding the criticism it faced the last time, when VOIPShield went public with the vulnerabilities before the affected vendors could address all of them.

VOIPShield has released a new raft of vulnerabilities that it found in IP telephony systems from Cisco, Avaya and Nortel (announcement here; vulnerability details here). Unlike its previous such announcement, VOIPShield has this time coordinated the release with the affected vendors, avoiding the criticism it faced the last time, when VOIPShield went public with the vulnerabilities before the affected vendors could address all of them.This week's announcement found a total of 45 vulnerabilities--29 with Avaya; 12 with Cisco and 4 with Nortel. VOIPShield gave its most severe rating, "Critical," to

  • An exploit that could expose system configuration information in Avaya's SIP Enablement Service. (VOIPShield reports that Avaya is "attempting to address the issue".)

  • A potential denial of service attack against Cisco's Unified Communications Manager 6.x and against UCM 5.x. (VOIPShield reports that Cisco has made a patch available).

  • A potential denial of service attack against Nortel's CS1000 4.50.x. (VOIPShield reports that Nortel is "attempting to address the issue," noting in its report, "Completely addressing the issue requires a patch from Nortel, which Nortel has indicated is being worked on, but the availability and timing of this patch have not yet been identified.") Nortel's Security Bulletin on the vulnerability states, "To our knowledge, this attack has not been launched against any of our customers."

  • A potential denial of service attack against the Wireless Client Manager (WiCM) SIP proxy in Nortel's MCS5100 3.x. (VOIPShield says Nortel has a "workaround proposed".) The Nortel Security Bulletin on this reported vulnerability states, "Recommended solution is to use a corporate NAT/FW in order to prevent such malicious actions from outside. WiCM is normally configured inside the corp network/firewall." On the other hand, VOIPShield contends that, "To completely address the issue requires a patch from Nortel. In the short term it is recommended that a VoIP-aware IPS [intrusion prevention system] product, such as [VOIPShield's] VoIPguard, with signatures to detect attempts to exploit this issue, be implemented to prevent it from being exploited. In addition, implementation of general best practice guidance such as controlling access to telephony networks via VLANs, access control lists, firewalls, network admission controls and/or other security devices will aid in limiting the exposure of this vulnerability."

  • A potential denial of service attack against Cisco's Unified Communications Manager 6.x and against UCM 5.x. (VOIPShield reports that Cisco has made a patch available).

  • A potential denial of service attack against Nortel's CS1000 4.50.x. (VOIPShield reports that Nortel is "attempting to address the issue," noting in its report, "Completely addressing the issue requires a patch from Nortel, which Nortel has indicated is being worked on, but the availability and timing of this patch have not yet been identified.") Nortel's Security Bulletin on the vulnerability states, "To our knowledge, this attack has not been launched against any of our customers."

  • A potential denial of service attack against the Wireless Client Manager (WiCM) SIP proxy in Nortel's MCS5100 3.x. (VOIPShield says Nortel has a "workaround proposed".) The Nortel Security Bulletin on this reported vulnerability states, "Recommended solution is to use a corporate NAT/FW in order to prevent such malicious actions from outside. WiCM is normally configured inside the corp network/firewall." On the other hand, VOIPShield contends that, "To completely address the issue requires a patch from Nortel. In the short term it is recommended that a VoIP-aware IPS [intrusion prevention system] product, such as [VOIPShield's] VoIPguard, with signatures to detect attempts to exploit this issue, be implemented to prevent it from being exploited. In addition, implementation of general best practice guidance such as controlling access to telephony networks via VLANs, access control lists, firewalls, network admission controls and/or other security devices will aid in limiting the exposure of this vulnerability."

  • A potential denial of service attack against Nortel's CS1000 4.50.x. (VOIPShield reports that Nortel is "attempting to address the issue," noting in its report, "Completely addressing the issue requires a patch from Nortel, which Nortel has indicated is being worked on, but the availability and timing of this patch have not yet been identified.") Nortel's Security Bulletin on the vulnerability states, "To our knowledge, this attack has not been launched against any of our customers."

  • A potential denial of service attack against the Wireless Client Manager (WiCM) SIP proxy in Nortel's MCS5100 3.x. (VOIPShield says Nortel has a "workaround proposed".) The Nortel Security Bulletin on this reported vulnerability states, "Recommended solution is to use a corporate NAT/FW in order to prevent such malicious actions from outside. WiCM is normally configured inside the corp network/firewall." On the other hand, VOIPShield contends that, "To completely address the issue requires a patch from Nortel. In the short term it is recommended that a VoIP-aware IPS [intrusion prevention system] product, such as [VOIPShield's] VoIPguard, with signatures to detect attempts to exploit this issue, be implemented to prevent it from being exploited. In addition, implementation of general best practice guidance such as controlling access to telephony networks via VLANs, access control lists, firewalls, network admission controls and/or other security devices will aid in limiting the exposure of this vulnerability."

  • A potential denial of service attack against the Wireless Client Manager (WiCM) SIP proxy in Nortel's MCS5100 3.x. (VOIPShield says Nortel has a "workaround proposed".) The Nortel Security Bulletin on this reported vulnerability states, "Recommended solution is to use a corporate NAT/FW in order to prevent such malicious actions from outside. WiCM is normally configured inside the corp network/firewall." On the other hand, VOIPShield contends that, "To completely address the issue requires a patch from Nortel. In the short term it is recommended that a VoIP-aware IPS [intrusion prevention system] product, such as [VOIPShield's] VoIPguard, with signatures to detect attempts to exploit this issue, be implemented to prevent it from being exploited. In addition, implementation of general best practice guidance such as controlling access to telephony networks via VLANs, access control lists, firewalls, network admission controls and/or other security devices will aid in limiting the exposure of this vulnerability."

About the Author

Eric Krapf

Eric Krapf

Eric Krapf is General Manager and Program Co-Chair for Enterprise Connect, the leading conference/exhibition and online events brand in the enterprise communications industry. He has been Enterprise Connect.s Program Co-Chair for over a decade. He is also publisher of No Jitter, the Enterprise Connect community.s daily news and analysis website.
 

Eric served as editor of No Jitter from its founding in 2007 until taking over as publisher in 2015. From 1996 to 2004, Eric was managing editor of Business Communications Review (BCR) magazine, and from 2004 to 2007, he was the magazine's editor. BCR was a highly respected journal of the business technology and communications industry.
 

Before coming to BCR, he was managing editor and senior editor of America's Network magazine, covering the public telecommunications industry. Prior to working in high-tech journalism, he was a reporter and editor at newspapers in Connecticut and Texas.

See more from Eric Krapf

Editor's Spotlight

How Air Canada Tapped Amazon Connect to Modernize Its Contact Center Operations
Ccaas
How Air Canada Tapped Amazon Connect to Modernize Its Contact Center Operations
How Air Canada Tapped Amazon Connect to Modernize Its Contact Center Operations

Dec 16, 2024

How Talkdesk Delivers for Vertical Industries
Ccaas
How Talkdesk Delivers for Vertical Industries
How Talkdesk Delivers for Vertical Industries

Dec 5, 2024

How Vendors Could Help Small and Medium Businesses Navigate Change Amidst Rapid Change and Complexity
Ccaas
How Vendors Could Help Small and Medium Businesses Navigate Change Amidst Rapid Change and Complexity
How Vendors Could Help Small and Medium Businesses Navigate Change Amidst Rapid Change and Complexity

Dec 17, 2024

Subscribe to Our Weekly Newsletters
Stay informed and sign up for weekly No Jitter and WorkSpace Connect newsletters
Sign Me Up
Mar 17 - Mar 20, 2025
As the #1 communications, collaboration and CX Conference and Expo in North America, we empower IT professionals to confront and overcome today's most pressing challenges. Attend Enterprise Connect and join thousands of like-minded peers building a framework for future success. You’ll walk away with rich learning experiences, invaluable connections, business opportunities, and inspiring insights. Register with Promo Code CONNECT25 to save $200 on Conference passes.
Learn More