The vulnerability affects versions of Cisco's core Internetwork Operating System (IOS) software configured for the Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST) services. By sending malformed control messages a cracker could cause devices such as VoIP routers running the vulnerable software to reload. The trick could be exploited repeatedly to create a Denial of Service (DoS) attack against targeted networks.
Cisco has an advisory here which fully discusses the problem, along with free software upgrades, and with advice on suggested workarounds.
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.