Cisco has fixed updates to address flaws in its IP telephony software and router hardware that create a means to conduct denial of service attacks against vulnerable systems. Neither flaw is particularly easy to exploit but both merit attention.

Security weaknesses in various flavours of Cisco CallManager 3.x and 4.x create a means to consume a large amount of memory and CPU resources via multiple open connections to port 2000. A separate flaw in the processing of connections to ports 2001, 2002, and 7727 might force Cisco CallManager to reboot.

Meanwhile flaws have emerged in Cisco's core IOS software that might be exploited by hackers to crash vulnerable systems running Cisco IOS 12.x. The flaw stems from errors in handling the SGBP protocol (Stack Group Bidding Protocol).

As a result malicious UDP datagrams sent to port 9900 can cause routers to become tied up, triggering a hardware reset. The vuln affects Cisco network devices running vulnerable versions of IOS providing support for the SGBP protocol has been enabled, which won't always be the case.

Cisco has released an advisory which explains how users can get updates. ®

Related stories

• Cisco breaks cycle with IOS patch (22 May 2008)
• Network security vulns keep sysadmins busy (23 May 2007)
• Cisco squishes bug trio (25 January 2007)
• Does Cisco need consumer electronics? (10 February 2006)
• Chambers hails 'solid' Cisco quarter (8 February 2006)
• SANS compiles Top 20 security vulns list (22 November 2005)
• Cisco, ISS file suit against rogue researcher (28 July 2005)
• Cisco patches VoIP vuln (25 January 2005)
• In brief Cisco warns on router bug (19 August 2004)