[cisco-voip] Have you seen this article?

Nick Marus nmarus at gmail.com
Wed Jun 28 11:30:31 EDT 2006


What is their ip? heheheheh ;)

On 6/28/06, Jonathan Charles <jonvoip at gmail.com> wrote:
> When I worked at my last company, we had a cust with their CCMs
> available via RDP over the internet (directly)... the username and
> password was administrator cisco...
>
> Eeek
>
>
>
> Jonathan
>
> On 6/28/06, Fretz, EA Eric @ IS <Eric.A.Fretz at l-3com.com> wrote:
> > Any network admin that leaves his/her CCM web server facing the internet
> > needs a good flogging.
> >
> > -----Original Message-----
> > From: cisco-voip-bounces at puck.nether.net
> > [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Ryan Ratliff
> > Sent: Wednesday, June 28, 2006 8:37 AM
> > To: Leetun, Rob
> > Cc: ciscovoip
> > Subject: Re: [cisco-voip] Have you seen this article?
> >
> >
> > http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html
> >
> > -Ryan
> >
> > On Jun 28, 2006, at 9:17 AM, Leetun, Rob wrote:
> >
> >   Cisco Call Manager Flaw Could Invite Hackers
> >
> > Vulnerabilities in Cisco's Call Manager software could open the door
> > for hackers to reconfigure VoIP settings and gain access to
> > individual users' account information, according to researchers at
> > Kansas City, Mo.-based solution provider FishNet Security.
> >
> > By Kevin McLaughlin, CRN
> > Jun 19, 2006
> > URL: http://www.ddj.com/dept/security/189500728
> >
> > In a report issued Monday, Jake Reynolds, senior security engineer at
> > FishNet, said the vulnerability affects versions 3.1 and higher of
> > Call Manager, which handles call routing and call signaling functions
> > in Cisco VoIP systems. A lack of input validation and output encoding
> > in the Web administration interface for Call Manager could allow
> > hackers to execute cross-site scripting attacks, Reynolds wrote.
> >
> > Cross site scripting attacks usually involve tricking users with
> > access privileges into clicking on a URL in an email or Web page.
> >
> > In the Call Manager scenario, attackers would send a request to the
> > Call Manager Web interface that causes malicious JavaScript to be
> > included. If the administrator could be tricked into submitting this
> > tainted request, the malicious code would execute in the victim's Web
> > browser and potentially give attackers the ability to delete or
> > reconfigure system components and gain access to confidential user
> > information, according to the report.
> >
> > In a statement, Cisco's Product Security Incident Response Team
> > (PSIRT) recommended that users verify link destinations before
> > clicking on URLs.
> >
> > Although there are no workarounds for the issue, Cisco has fixed the
> > vulnerability and fixes will be incorporated in all supported
> > CallManager trains in versions 4.3(1), 4.2(3), 4.1(3)SR4 and 3.3(5)
> > SR3, according to the statement.
> >
> > To guard against attacks, FishNet recommends that companies limit
> > network connectivity to Call Manager wherever possible to prevent
> > hackers from discovering public Web interfaces.
> >
> > "Simple Google queries are all an attacker needs in this case to
> > obtain the target Call Manager address. There are few compelling
> > reasons one could present that would justify public access to Call
> > Manager web interfaces," according to the report.
> >
> > _______________________________________________
> > cisco-voip mailing list
> > cisco-voip at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-voip
> >


-- 

Nick Marus
nmarus at gmail.com
homepage: http://www.nicholasmarus.com
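The "lack of input validation and output encoding" the quoted article attributes to the CallManager web administration interface, shown as an added example in Python (not code from this thread, from Cisco's product, or from the FishNet report): a minimal page renderer that reflects a request parameter unencoded, beside a hardened renderer that validates the parameter and HTML-encodes whatever it reflects. The page layout, the `search` parameter name and the sample values are constructed for illustration.

```python
import html

# Constructed sample requests (not taken from the article): a benign directory
# search and one carrying script markup of the kind a reflected XSS relies on.
BENIGN = {"search": "O'Brien"}
TAINTED = {"search": "<script>alert(document.cookie)</script>"}


def render_vulnerable(params):
    """The pattern the article describes: a request parameter is copied
    straight into the HTML response with no validation or output encoding."""
    value = params.get("search", "")
    return (f'<input name="search" value="{value}">\n'
            f'<p>Directory search results for: {value}</p>')


def validate_search(value, max_len=64):
    """Input validation: a directory search box only needs a short run of
    letters, digits, spaces and a few punctuation characters."""
    return len(value) <= max_len and all(
        ch.isalnum() or ch in " -_.@'" for ch in value)


def render_hardened(params):
    """Hardened form: reject input that fails validation, then encode whatever
    is reflected for the contexts it lands in (HTML text and a quoted attribute)."""
    value = params.get("search", "")
    if not validate_search(value):
        # Do not echo the offending value at all; record it server-side instead.
        value = ""
    # quote=True also encodes " and ' so the value cannot break out of value="..."
    safe = html.escape(value, quote=True)
    return (f'<input name="search" value="{safe}">\n'
            f'<p>Directory search results for: {safe}</p>')


def reflects_raw_markup(rendered):
    """Comparison check used here: an un-encoded tag in the response means the
    parameter was reflected without output encoding."""
    return "<script" in rendered.lower()


if __name__ == "__main__":
    print("vulnerable reflects markup:", reflects_raw_markup(render_vulnerable(TAINTED)))
    print("hardened reflects markup:  ", reflects_raw_markup(render_hardened(TAINTED)))
    print(render_hardened(BENIGN))
```

Even a value that passes validation is still encoded (the apostrophe in the benign sample becomes `&#x27;`), since validation narrows the input but encoding is what keeps the output inert in its HTML context.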

