Cisco VoIP Exploits

Once again, we see the results of telecom functionality moving into the networking space – the old-school telecom people just aren’t ready for the demands of properly securing an IP network. AusCERT has asserted that Cisco VoIP products, out of the box, can be vulnerable to attacks that turn them into listening bugs, that allow an attacker to eavesdrop on conversations, or can be crashed entirely as a Denial of Service attack.

Running any service over an IP network means that you now have TWO sets of security problems to deal with. In much the same way that “dumb” cell phones’ replacement by smartphones add tremendous security headaches, so too does the transition from traditional PBX systems to a VoIP world.

Leave a Reply

Your email address will not be published. Required fields are marked *