About us
Contact us
RSS
Newsletters
Blogs
Management
Technology
- Applications
- Business Intelligence
- Development
- Hardware
- Mobile & Wireless
- Networking
- Internet
- Operating Systems
- Security Products
- Servers & Datacentre
- Storage
Toolbox
Training
Books
White Papers
Topic Pages
Resource Centre
VoIP & convergence technology > networking > news
June 25, 2008
Security warning on Avaya, Cisco and Nortel VoIP systems
Major suppliers pushing out patches
By Tim Greene
Organisations using Avaya, Cisco and Nortel VoIP systems have been warned about vulnerabilities that could result in remote code execution; unauthorised access; denial of service; and information harvesting.
Advert
The vulnerabilities were found by VoIPshield Laboratories and reported earlier to the three vendors in order to give them time to develop patches for the flaws, says Rick Dalmazzi, president and CEO of VoIPshield. Dalmazzi would not reveal more details because his company and the affected VoIP vendors agreed to a simultaneous announcement.
He said that two of the three vendors should have patches available today and the third will issue an advisory.
The vulnerabilities found affect voice servers - VoIP PBXes - and softphone software that runs on laptops and desktops, Dalmazzi said.
VoIPshield ranks most of the vulnerabilities found as either critical or high, the two most severe rankings on its four-step scale.
Avaya, Cisco and Nortel were chosen for vulnerability testing because they represent the bulk of IP PBX sales in North America, Dalmazzi says. The company has included Microsoft in its next round of testing, the results of which will come out in about four months.
VoIPshield Systems makes VoIP vulnerability testing software as well as an intrusion-prevention system designed for VoIP.
« prev article | more networking news | next article »
Advert
Email this article to a friend or colleague:
PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.
- This article is now being printed.
What are your views on this subject? Use the form below to post a comment on this article up to 1000 characters.
Click below to add 'Security warning on Avaya, Cisco and Nortel VoIP systems' to your blog.
If you do not have a ComputerworldUK Account and would like to use this feature, please Register.
If you are a registered, logged-in user, this will post the title and first paragraph of this story to your blog to share with your readers.
Advert
Newsletters
Sign up to our Weekly Round-Up for the past week’s not-to-be-missed news analysis and insight delivered straight to your inbox.
WHITE PAPERS
-
Gap Analysis: The Case for Data Services
A data service approach makes data access and integration scalable by streamlining development and maintenance, whether applications speak Web services, SQL, or both. -
BPM, SOA and Web 2.0: Business transformation or train wreck?
Organisations must not only promote change from within, but they must also be agile enough to quickly adapt to evolving markets, policies, regulations, and business models. Fortunately, the convergence of a trio of technologies and business practices—business process management (BPM), service-oriented architecture (SOA), and Web 2.0—is providing a solution.
