[cisco-voip] Have you seen this article?

Jonathan Charles jonvoip at gmail.com
Wed Jun 28 14:46:43 EDT 2006


I have blotted everything else about them from my memory.


J

On 6/28/06, Nick Marus <nmarus at gmail.com> wrote:
> What is their ip? heheheheh ;)
>
> On 6/28/06, Jonathan Charles <jonvoip at gmail.com> wrote:
> > When I worked at my last company, we had a cust with their CCMs
> > available via RDP over the internet (directly)... the username and
> > password was administrator cisco...
> >
> > Eeek
> >
> >
> >
> > Jonathan
> >
> > On 6/28/06, Fretz, EA Eric @ IS <Eric.A.Fretz at l-3com.com> wrote:
> > > Any network admin that leaves his/her CCM web server facing the internet
> > > needs a good flogging.
> > >
> > > -----Original Message-----
> > > From: cisco-voip-bounces at puck.nether.net
> > > [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Ryan Ratliff
> > > Sent: Wednesday, June 28, 2006 8:37 AM
> > > To: Leetun, Rob
> > > Cc: ciscovoip
> > > Subject: Re: [cisco-voip] Have you seen this article?
> > >
> > >
> > > http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html
> > >
> > > -Ryan
> > >
> > > On Jun 28, 2006, at 9:17 AM, Leetun, Rob wrote:
> > >
> > >   Cisco Call Manager Flaw Could Invite Hackers
> > >
> > > Vulnerabilities in Cisco's Call Manager software could open the door
> > > for hackers to reconfigure VoIP settings and gain access to
> > > individual users' account information, according to researchers at
> > > Kansas City, Mo.-based solution provider FishNet Security.
> > >
> > > By Kevin McLaughlin, CRN
> > > Jun 19, 2006
> > > URL: http://www.ddj.com/dept/security/189500728
> > >
> > > In a report issued Monday, Jake Reynolds, senior security engineer at
> > > FishNet, said the vulnerability affects versions 3.1 and higher of
> > > Call Manager, which handles call routing and call signaling functions
> > > in Cisco VoIP systems. A lack of input validation and output encoding
> > > in the Web administration interface for Call Manager could allow
> > > hackers to execute cross-site scripting attacks, Reynolds wrote.
> > >
> > > Cross-site scripting attacks usually involve tricking users with
> > > access privileges into clicking on a URL in an email or Web page.
> > >
> > > In the Call Manager scenario, attackers would send a request to the
> > > Call Manager Web interface that causes malicious JavaScript to be
> > > included. If the administrator could be tricked into submitting this
> > > tainted request, the malicious code would execute in the victim's Web
> > > browser and potentially give attackers the ability to delete or
> > > reconfigure system components and gain access to confidential user
> > > information, according to the report.
> > >
> > > In a statement, Cisco's Product Security Incident Response Team
> > > (PSIRT) recommended that users verify link destinations before
> > > clicking on URLs.
> > >
> > > Although there are no workarounds for the issue, Cisco has fixed the
> > > vulnerability and fixes will be incorporated in all supported
> > > CallManager trains in versions 4.3(1), 4.2(3), 4.1(3)SR4 and
> > > 3.3(5)SR3, according to the statement.
> > >
> > > To guard against attacks, FishNet recommends that companies limit
> > > network connectivity to Call Manager wherever possible to prevent
> > > hackers from discovering public Web interfaces.
> > >
> > > "Simple Google queries are all an attacker needs in this case to
> > > obtain the target Call Manager address. There are few compelling
> > > reasons one could present that would justify public access to Call
> > > Manager web interfaces," according to the report.
> > >
> > > _______________________________________________
> > > cisco-voip mailing list
> > > cisco-voip at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-voip
> > >
> >
>
>
> --
>
> Nick Marus
> nmarus at gmail.com
> homepage: http://www.nicholasmarus.com
>

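The failure the quoted article describes (a web admin page that reflects request input without output encoding) and the PSIRT advice to verify link destinations, as an added example; this is not code from the thread, the article or Cisco. The template, host name, path and probe string are constructed stand-ins, not the real CallManager pages.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed template standing in for an admin page that echoes a request parameter.
PAGE = "<html><body><h1>Device search</h1><p>Results for: {needle}</p></body></html>"

# Constructed probe: harmless markup used only to show whether encoding happened.
PROBE = "<script>x</script>"

# Hypothetical admin host; the real CCM host names are not on the page.
TRUSTED_HOSTS = {"ccm.example.internal"}


def render_vulnerable(needle: str) -> str:
    """Reflects the parameter verbatim: markup in the input becomes markup in the page."""
    return PAGE.format(needle=needle)


def render_hardened(needle: str) -> str:
    """Encodes for the HTML text context; quote=True also covers attribute values."""
    return PAGE.format(needle=html.escape(needle, quote=True))


def reflects_raw_markup(rendered: str, needle: str) -> bool:
    """True when the raw input survived into the page unencoded."""
    return needle in rendered and needle != html.escape(needle, quote=True)


def link_is_trusted(url: str, trusted_hosts: set) -> bool:
    """PSIRT's 'verify link destinations before clicking' as a mechanical check:
    https only, host must be a known admin host, and no markup characters in
    any query value (parse_qs percent-decodes, so encoded forms are caught too)."""
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.hostname not in trusted_hosts:
        return False
    for values in parse_qs(parts.query, keep_blank_values=True).values():
        if any(ch in value for value in values for ch in "<>\"'"):
            return False
    return True


if __name__ == "__main__":
    print("vulnerable page reflects raw markup:", reflects_raw_markup(render_vulnerable(PROBE), PROBE))
    print("hardened page reflects raw markup:  ", reflects_raw_markup(render_hardened(PROBE), PROBE))
```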
