Cisco VoIP bug poses eavesdropping risk

By John Leyden → More by this author

29 Nov 2007 16:04

Noise on the wire

A bug involving 7900 Series IP phones from Cisco creates a means for hackers to eavesdrop on calls.

The flaw stems from security shortcomings in the Extension Mobility feature of the phones, which allows users to configure a Cisco IP phone as their own. The feature is disabled by support, which is just as well because when enabled the feature fails to encrypt signalling communications between a device and an internal web server. This, in turn, creates a means for miscreants to sniff out authentication credentials. These credentials might subsequently be misused to cut off users or eavesdrop on streaming media connections associated with calls.

However, an attack along these lines will only succeed in cases where would-be hackers are already in possession of valid Extension Mobility authentication credentials. Attackers would also need to have access to a targeted network. Although remote hacking is theoretically possible, a bigger danger would appear to stem from internal attacks.

In a throwback to the early days of wiretapping, successful attacks based on the vulnerability leave a tell-tale noise on the wire.

"Internal testing by Cisco also revealed that the described attack produced static noise on the IP phone while it was under attack," Cisco said in an advisory that explains the issue and details possible workarounds.

The network giant credits researcher Joffrey Czarney of Telindus with discovering the flaw. Czarney presented a paper on his research at the recent Hack.Lu 2007 security conference, which was held last month in Luxembourg. ®

2 comments posted — Comment period finished

It's much easier than that to bug a 7900 series

Posted: 04:23 30th November 2007

Of course it's a feature!

Posted: 12:55 30th November 2007

Track this type of story as a custom Atom/RSS feed or by email.

Cisco plugs VoIP malware loophole (15 February 2008)
SkypeFinds another security snafu (1 February 2008)
Skype Trojan wiretap plan leaks onto the net (29 January 2008)
Skype blocks poison movie peril (18 January 2008)
Cambridge University dials up VoIP (8 January 2008)
999 comes to VoIP (5 December 2007)
Skype crypto stumps German cops (23 November 2007)
Crash bug blights Cisco IP phones (22 August 2007)
Cisco wraps up against VoIP DoS bugs (29 March 2007)
AirMagnet bids to analyse Cisco (21 February 2007)
Cisco aims to plug channel knowledge gap on VoIP (28 November 2006)

Top 20 stories All The Week’s Headlines

Whitepapers
Life online: The Web in 2020 The Near Horizon Of Mobility The Complementarity of Next Generation Networks and Virtualization Projects Why Green Security Makes Good Business Sense

Breaking Reseller News

Circuit City runs up the white flag

Of course you can look at our books, Mr. Corporate Raider, sir

Circuit City's days as an independent are numbered. The ailing US electronics retailer last month received an unsolicited bid from Blockbuster, the ailing video store operator.

Get the ChannelReg newsletters

Related Whitepapers

Webcast : Why Today's Spam Filters Fail
Watch on-line now
Average CPU Power (ACP)
The Truth About Power Consumption Starts Here
The new way to defeat Spam
Increasing productivity with Abaca
Alternate Client Architectures
An overview of alternative architectures to deliver applications to the desktop
Podcast : Why Today's Spam Filters Fail
Listen or download now
Live Migration with AMD-V™ Extended Migration Technology
Live migration functionality works seamlessly across a broad range of AMD64 processors

Top Stories