DoS holes in Cisco products
Cisco has reported two denial-of-service vulnerabilities in its products: one could have allowed attackers to take down the Enterprise Contact Center, and the other to take down Cisco devices on which data link switching is activated.
In Cisco's Unified Contact Center Enterprise and IP Contact Center Enterprise, attackers could send network packets to the JTapi server's port to cause the machine to reload. During the reload, no new connections can be set up, but ongoing telephone calls are reportedly not disconnected.
The second security hole concerns Cisco's IOS 11.0 to 12.4 operating systems. When a device is configured for data link switching (DLSw) and attackers can reach port 2065 or 2067, they could cause a reload by sending prepared options during the capability exchange. DLSw supports the transport of NetBIOS traffic across IP networks, among other things.
In its security advisory on the IOS vulnerability, Cisco presents a number of steps that administrators should take before installing a software update. Registered users could also receive the latest software from the usual channels.
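The exposure condition for the DLSw hole described above (IOS 11.0 to 12.4, DLSw configured, port 2065 or 2067 reachable) can be checked across saved router configurations. The following Python is an added example, not taken from Cisco's advisory; the sample configurations are constructed, and treating a numbered-ACL `deny` entry as evidence of filtering is an assumption that does not confirm the ACL is applied to an interface.

```python
import re

# Constructed sample running-configs (not from a real device or the advisory).
EXPOSED = """\
version 12.3
hostname branch-rtr
dlsw local-peer peer-id 192.0.2.1
dlsw remote-peer 0 tcp 192.0.2.2
"""
FILTERED = """\
version 12.4
hostname core-rtr
dlsw local-peer peer-id 192.0.2.10
access-list 120 permit tcp host 192.0.2.11 any eq 2065
access-list 120 permit tcp host 192.0.2.11 any eq 2067
access-list 120 deny tcp any any eq 2065
access-list 120 deny tcp any any eq 2067
"""
NO_DLSW = "version 12.4\nhostname edge-rtr\n"

DLSW_PORTS = ("2065", "2067")  # ports named in the article


def in_affected_range(version):
    """True for IOS 11.0 through 12.4, the range given in the article."""
    major, minor = (int(x) for x in version.split(".")[:2])
    return (11, 0) <= (major, minor) <= (12, 4)


def audit(config):
    """Return (status, unfiltered_ports) for one running-config text."""
    if not re.search(r"^dlsw local-peer\b", config, re.M):
        return ("not-configured", [])
    m = re.search(r"^version (\d+\.\d+)", config, re.M)
    # A missing version line is treated conservatively as possibly affected.
    if m and not in_affected_range(m.group(1)):
        return ("dlsw-outside-range", [])
    # Heuristic (assumption): a port counts as filtered only if a numbered
    # ACL entry denies it; interface application is not verified here.
    unfiltered = [
        p for p in DLSW_PORTS
        if not re.search(rf"^access-list \d+ deny \S+ .* eq {p}\b", config, re.M)
    ]
    return ("review", unfiltered) if unfiltered else ("filtered", [])


if __name__ == "__main__":
    for name, cfg in (("EXPOSED", EXPOSED), ("FILTERED", FILTERED), ("NO_DLSW", NO_DLSW)):
        print(name, audit(cfg))
```

A `review` result means the device needs a manual check of its reachability on the listed ports; it is not proof that the ports are reachable from untrusted networks.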
- Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability, Cisco security advisory
- DLSw Vulnerability, Cisco security advisory