Attackers Could Eavesdrop On Cisco-Routed VoIP Calls

Flaws in Cisco's voice-over-Internet (VoIP) software could allow an attacker to bring down the alternative-to-traditional-telephone service, or access the server that initiates and routes Web-based calls, a security firm says.

July 14, 2005

NetworkComputing

Flaws in Cisco's Voice-over-Internet Protocol (VoIP) software could allow an attacker to bring down the alternative-to-traditional-telephone service, or access the server that initiates and routes Web-based calls, an Atlanta-based security firm said.

According to alerts posted online by Internet Security Systems' (ISS) X-Force research team, Cisco's CallManager sports a pair of bugs that could be "reliably exploited" by hackers. The potential result: at best a denial-of-service style crash, at worst, a situation where the attacker could redirect calls at will or even eavesdrop on conversations.

By sending specially-crafted packets to Cisco CallManager, an attacker could create a heap overflow and crash the system or gain access. ISS said that an exploit wouldn't need any help from a user, pushing the threat into a more dangerous category.

"Like many of the applications that are driving today's businesses, VoIP travels over a variety of networks and the public Internet and is therefore susceptible to the same security perils as other staple network components like e-mail, databases, and servers," said Chris Rouland, ISS' chief technology officer, in a statement.

Cisco's own advisory includes details on patched editions of CallManager that are ready to download and install. Users without a current service contract with Cisco, however, must telephone the San Jose, Ca.-based networking company's support line to request the upgrades.
