Cisco Patches DNS, VoIP Flaws

Cisco issued a patch for a domain name system
vulnerability that could put some of its routers and Voice Over IP products
at risk for exploits.

According to the UK-based National Infrastructure Security Co-ordination Centre, which reported the flaw Tuesday, the
vulnerability could leave some systems open to a Denial-of-Service
attack after receiving and processing a specially crafted DNS
packet.

The NISCC said the exploit targets hosts connected to an IP network using
the DNS protocol to resolve names to IP addresses. It said an attacker could
craft a DNS packet containing invalid information in the compressed section,
which can result in an error in processing on the receiving host.

A successful exploit could cause the impacted devices to crash or
malfunction, leading to a DOS situation.

Cisco said products that could be affected by the flaw are DNS clients,
including its 7902/7905/7912 series of IP Phones, its Unity Express and
ACNS devices.

In addition, its ATA (Analog Telephone Adaptor) 186/188
versions and its series 4400 content routers are at risk, as well as series 500 and 7300 content engines.

However, no Cisco products performing DNS server functions, or DNS packet
inspections, are currently known to be affected by this vulnerability.
Details on Cisco’s patch and systems that are not impacted, can be found here.

NISCC said the issue was identified by Steve Beaty from the
Department of
Mathematical and Computer Sciences at the Metropolitan State College of
Denver.

However, because many vendors include support for this protocol in their
products, it is likely they have already issued patches for the
vulnerability. As a result, NISCC did not issue a severity rating on the
flaw and urged companies to contact the vendors it identified as affected by the vulnerability.

News Around the Web