Multiple Vulnerabilities in CISCO VoIP Phones
Johnathan Nightingale did a research on CISCO VoIP Phones and found several security vulnerabilities in CP-7960, CP-7940, and CP-7910 phones.
The 7900 line of VoIP phones from Cisco contain remote-accessible code which can be exploited to cause a denial of service, and possibly leak information; the phones are also weak in ways that facilitate man-in-the-middle attacks directed at intercepting telephone traffic.
Advisory which details all the found problems can be found here:
Simultaneously Cisco released "Cisco Security Advisory: Multiple Vulnerabilities in Cisco IP Telephones" which deals with patches and workarounds for this problem. It can be found over here:
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.