Cisco Patches DNS, VoIP Flaws

by internetnews.com Staff

NISCC urges companies to contact their vendors and make sure they're patched.

Cisco issued a patch for a domain name system vulnerability that could put some of its routers and Voice Over IP products at risk for exploits.

According to the UK-based National Infrastructure Security Co-ordination Centre, which reported the flaw Tuesday, the vulnerability could leave some systems open to a Denial-of-Service attack after receiving and processing a specially crafted DNS packet.

The NISCC said the exploit targets hosts connected to an IP network using the DNS protocol to resolve names to IP addresses. It said an attacker could craft a DNS packet containing invalid information in the compressed section, which can result in an error in processing on the receiving host.

A successful exploit could cause the impacted devices to crash or malfunction, leading to a DoS situation.
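The article does not say which field of the compressed section was malformed, so the following added example (not code from Cisco, NISCC or the original article) only illustrates the checks a DNS client's name decoder needs when it follows RFC 1035 compression pointers. The function name `dns_read_name`, the jump cap and the sample messages are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DNS_MAX_NAME  255  /* RFC 1035 limit on an encoded name, in octets */
#define DNS_MAX_JUMPS 64   /* assumed cap on pointers followed per name */

/* Constructed sample messages: 12-byte zero header, names start at offset 12. */
const uint8_t PKT_OK[]    = {0,0,0,0,0,0,0,0,0,0,0,0, 7,'e','x','a','m','p','l','e',
                             3,'c','o','m', 0, 3,'w','w','w', 0xC0,12};
const uint8_t PKT_LOOP[]  = {0,0,0,0,0,0,0,0,0,0,0,0, 1,'a', 0xC0,12}; /* pointer cycle */
const uint8_t PKT_SELF[]  = {0,0,0,0,0,0,0,0,0,0,0,0, 0xC0,12};  /* points at itself */
const uint8_t PKT_SHORT[] = {0,0,0,0,0,0,0,0,0,0,0,0, 9,'a','b'}; /* label overruns */

/* Decode the name at msg[off] into out as dotted text. Returns the number of
 * bytes the name occupies at its original position, or -1 if it is invalid. */
int dns_read_name(const uint8_t *msg, size_t len, size_t off,
                  char *out, size_t outsz)
{
    size_t pos = off, o = 0, total = 0;
    int consumed = -1, jumps = 0;   /* consumed is fixed at the first pointer */

    if (outsz == 0) return -1;
    for (;;) {
        if (pos >= len) return -1;                   /* ran off the message */
        uint8_t b = msg[pos];
        if ((b & 0xC0) == 0xC0) {                    /* compression pointer */
            if (pos + 1 >= len) return -1;           /* truncated pointer */
            size_t target = ((size_t)(b & 0x3F) << 8) | msg[pos + 1];
            if (consumed < 0) consumed = (int)(pos + 2 - off);
            /* Pointers must refer to earlier data; cap jumps to stop cycles. */
            if (target >= pos || ++jumps > DNS_MAX_JUMPS) return -1;
            pos = target;
            continue;
        }
        if (b & 0xC0) return -1;                     /* reserved label types */
        if (b == 0) {                                /* root label ends the name */
            if (consumed < 0) consumed = (int)(pos + 1 - off);
            out[o] = '\0';
            return consumed;
        }
        if (pos + 1 + b > len) return -1;            /* label overruns message */
        total += (size_t)b + 1;
        if (total + 1 > DNS_MAX_NAME) return -1;     /* encoded name too long */
        if (o + b + 2 > outsz) return -1;            /* label + dot + NUL must fit */
        if (o) out[o++] = '.';
        memcpy(out + o, msg + pos + 1, b);
        o += b;
        pos += (size_t)b + 1;
    }
}
```

A decoder that omits the backward-only and jump-cap checks never terminates on `PKT_LOOP`, and one that omits the length checks reads past the end of `PKT_SHORT`; on a small embedded client either outcome shows up as the crash or hang the advisory describes.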

Cisco said products that could be affected by the flaw are DNS clients, including its 7902/7905/7912 series of IP Phones, its Unity Express and ACNS devices.

In addition, its ATA (Analog Telephone Adaptor) 186/188 versions and its series 4400 content routers are at risk, as well as series 500 and 7300 content engines.

However, no Cisco products performing DNS server functions or DNS packet inspections are currently known to be affected by this vulnerability. Details on Cisco's patch and systems that are not impacted can be found here.

NISCC said the issue was identified by Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.

However, because many vendors include support for this protocol in their products, it is likely they have already issued patches for the vulnerability. As a result, NISCC did not issue a severity rating on the flaw and urged companies to contact the vendors it identified as affected by the vulnerability.

This article was originally published on Wednesday May 25th 2005