Cisco patches potentially crippling VoIP flaws

The bugs – rated "highly critical" by vulnerability tracking firm Secunia – were reported in 16 devices from the networking giant's Unified IP Phone 7900 series, according to a Cisco advisory. Affected phones are those running either the industry standard session initiation protocol (SIP) and/or Cisco's proprietary Skinny Client Control Protocol (SCCP).

Four of the VoIP flaws are overflow vulnerabilities, caused by handling errors that could result in the installation of malicious code on a victim's phone. Another two bugs could permit specially crafted packets to launch DoS attacks. And a final vulnerability may allow privilege escalation.

VoIPshield Laboratories identified the vulnerabilities in Cisco's Unified Communications Manager versions 5.x and 6.x, and in its Call Manager 4.x.

The vulnerabilities could lead to unauthorised access and denial of service (DoS) attacks.

The Cisco Unified Communications Manager (CUCM) was found to contain a flaw in its Computer Telephony Integration ( CTI ) Manager, which could allow a DoS attack

In Cisco's Real-Time Information Server (RIS) Data Collector, an authentication bypass hole could give hackers access to information they could use to mount other attacks.

Cisco has now issued patches for both of these issues at no extra charge to customers with service contracts.