Cisco voice over IP phones vulnerable to DNS attack

By Derek Sooman May 25, 2005, 11:35

Serving tech enthusiasts for over 25 years.
TechSpot means tech analysis and advice you can trust.

Cisco voice over IP phones appear to be vulnerable to a flaw in their DNS protocol client software. DNS is responsible for translating domain names into IP addresses via DNS servers. Often, this information is compressed. Cisco has discovered a flaw in their voice over IP phones whereby malicious code could insert specially crafted DNS packets containing invalid information into the compressed section of the message, causing the IP phones to malfunction or crash.

Affected products include Cisco's 7902/7905/7912 IP phones, the Cisco ATA (analogue telephone adaptor) 186/188, and several Cisco Unity Express and Cisco ACNS (application and content networking system) devices.

0 comments 0 likes and shares

Tech Jobs: Find the next step in your career

Related Stories

Featured on TechSpot