Cisco tackles security threat

by Lin Freestone
December 6, 2007 VoIP 5

Cisco is trying to tackle a security threat in its VoIP phones that allow hackers to eavesdrop on conversations. The threat was discovered by a researcher working for Telindus, and allows hackers to remotely eavesdrop on Cisco Unified IP phones.


Cisco Systems has confirmed that it is possible to eavesdrop on remote conversations using Cisco VoIP phones.
The company has stated that an attacker with valid Extension Mobility authentication credentials could cause a Cisco Unified IP Phone configured to use the Extension Mobility feature to transmit or receive a Real-Time Transport Protocol audio stream. 
Cisco adds that Extension Mobility authentication credentials are not tied to individual IP phones, and that any Extension Mobility account configured on an IP phone's Cisco Unified Communications Manager/CallManager service can be used to perform an eavesdropping attack.
Cisco has published some work-arounds to this problem in its security response.













 Email This Post
 
 Print This Post




Add to Bookmarks:



  
   
  
   
 



 
   
 
   
 
   
 



Related posts to "Cisco tackles security threat":

VoIP security solutions from Cisco
Cisco has brought out two security solutions to defend against potentially dangerous exploits via its VoIP kit, including the possibility of malicious...

Russia originates most of world’s complex spyware and viruses
Research from PC Tools, a international provider of spyware protection, has revealed that Russia has superseded the US and China as the world's highes...

Newport Networks Face Service Quality Challenges
Newport Networks spoke out today about the biggest challenge to face the session border controller manufacturer, quality of service management. 

Th...

Researchers highlight threat to VoIP security
Researchers from Johns Hopkins University in Baltimore, USA, have identified compression techniques as a potential security risk for VoIP users when u...

Cisco releases patches for VoIP products
Cisco Security has released patches for vulnerabilities in its VoIP products. 

VoIPshield Laboratories identified the vulnerabilities in Cisco's Un...






No Comments 
	»


	No comments yet.



Leave a comment






Name (required)


Mail (will not be published) (required)


Website









        
       
       
    	     
             Please add 1 and 8     


            
        
        
         
        
        




		

Previous: « Nokia Siemens Networks launches VoIP communications key

Next: VoIP services must allow 999 calls from September »
		



Visited 872 times, 2 so far today


Daily VoIP News Digest		Friday 25th of July 2008
Main: Home News Blog VoIP Categories: General VoIP VoIP Networks VoIP Phones VoIP Resources VoIP Technology VoIP Info VoIP Security News archives: July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 December 2005 November 2005 October 2005 July 2005 June 2005 May 2005 April 2005 March 2005 January 2005 More: Business Phones Cameras	Cisco tackles security threat by Lin Freestone December 6, 2007 `Cisco is trying to tackle a security threat in its VoIP phones that allow hackers to eavesdrop on conversations. The threat was discovered by a researcher working for Telindus, and allows hackers to remotely eavesdrop on Cisco Unified IP phones.` Cisco Systems has confirmed that it is possible to eavesdrop on remote conversations using Cisco VoIP phones. The company has stated that an attacker with valid Extension Mobility authentication credentials could cause a Cisco Unified IP Phone configured to use the Extension Mobility feature to transmit or receive a Real-Time Transport Protocol audio stream. Cisco adds that Extension Mobility authentication credentials are not tied to individual IP phones, and that any Extension Mobility account configured on an IP phone's Cisco Unified Communications Manager/CallManager service can be used to perform an eavesdropping attack. Cisco has published some work-arounds to this problem in its security response. Email This Post Print This Post Add to Bookmarks: Related posts to "Cisco tackles security threat": VoIP security solutions from Cisco Cisco has brought out two security solutions to defend against potentially dangerous exploits via its VoIP kit, including the possibility of malicious... Russia originates most of world’s complex spyware and viruses Research from PC Tools, a international provider of spyware protection, has revealed that Russia has superseded the US and China as the world's highes... Newport Networks Face Service Quality Challenges Newport Networks spoke out today about the biggest challenge to face the session border controller manufacturer, quality of service management. Th... Researchers highlight threat to VoIP security Researchers from Johns Hopkins University in Baltimore, USA, have identified compression techniques as a potential security risk for VoIP users when u... Cisco releases patches for VoIP products Cisco Security has released patches for vulnerabilities in its VoIP products. VoIPshield Laboratories identified the vulnerabilities in Cisco's Un... No Comments » No comments yet. Leave a comment Name (required) Mail (will not be published) (required) Website Please add 1 and 8 Previous: « Nokia Siemens Networks launches VoIP communications key Next: VoIP services must allow 999 calls from September » Visited 872 times, 2 so far today	General VoIP Reigate and Banstead Borough Council to use speech self service payments VoIP Phones Snom and Konftel Get Together For Mutual Benefit VoIP Technology Indafon integrates Jabber, phone and more VoIP Networks Snom and Konftel Get Together For Mutual Benefit 3 Skypephone upgrade rumoured VoIP Security Cisco releases patches for VoIP products Latest News: Reigate and Banstead Borough Council to use speech self service payments According to Nemertes, Shoretel is best VoIP provider Fring available on Java ME & Linux phones Indafon integrates Jabber, phone and more Snom launches VoIP installation training Truphone comes to iPhone Snom and Konftel Get Together For Mutual Benefit 3 Skypephone upgrade rumoured SPIRIT DSP & Tensilica Team Up Vopium expanding in Europe Most Read News Today: Reigate and Banstead Borough Council to use speech self service payments NexTone and Springboard collaborate on VoIP Billing Nimbuzz gets $15 million shot in the arm 3 Skypephone upgrade rumoured According to Nemertes, Shoretel is best VoIP provider Vyke launches free mobile text messages VoIP Call Generator Indafon integrates Jabber, phone and more Raketu launches VoIP for BlackBerry devices World Phone unveils VoIP plans in India Most Read News To Date: Vyke launches free mobile text messages VoIP forum SIPtap software can eavesdrop on VoIP calls Imminent release of 3 Mobile's Skype phone NexTone and Springboard collaborate on VoIP Billing Trial download of NoiseFree VoIP Touchmods hack brings VoIP to iPod Touch World Phone unveils VoIP plans in India Ooma provides free phone calls over broadband FreshTel provides VoIP products in ASDA UK Will bonded ADSL see bigger take-up?
VoIP News © 2005-2008. All rights reserved \| About \| Disclaimer \| Privacy \| XML Feed \| Contact

Main:

VoIP Categories:

News archives:

More:

Cisco tackles security threat

Related posts to "Cisco tackles security threat":

Leave a comment

General VoIP

VoIP Phones

VoIP Technology

VoIP Networks

VoIP Security

Latest News:

Most Read News Today:

Most Read News To Date: