Security Bytes: Cisco coping with more Black Hat revelations

By SearchSecurity.com Staff
03 Aug 2006 | SearchSecurity.com


Cisco Systems Inc. had to quickly abandon its hope for an uneventful Black Hat USA 2006 conference Wednesday after a pair of presenters revealed a zero-day exploit for Cisco CallManager Express.

David Endler, director of security research for the TippingPoint division of Marlborough, Mass.-based 3Com Corp., and Mark Collier, CTO of San Antonio-based telephony management vendor SecureLogix Corp., authors of the book Hacking Exposed VoIP, told Black Hat attendees that the networking giant's CallManager Express VoIP management software is vulnerable to a flaw in which a remote user can supply specially crafted SIP requests to gain information from the SIP user directory, including the names of the users stored in the SIP user database.

San Jose, Calif.-based Cisco has confirmed the SIP user directory information disclosure flaw in a bulletin on its Web site and the presenters' proof-of-concept exploit. Cisco was notified of the flaw in advance of Black Hat.

"It is important to note that the attacks described do not disrupt VoIP call processing or voice mail access," Cisco said in the advisory, also noting that the standard edition of CallManager is not affected.

A patch is not yet available, but Cisco said it is investigating the problem and will provide further information when it becomes available. "Cisco's recommended best practice of implementing the VoIP infrastructure and data devices on separate VLANs would prevent malicious users from launching such attacks against the VoIP network," the advisory said.

This marks the second year in a row that a vulnerability in a Cisco product has been revealed at Black Hat. Last year, security researcher Michael Lynn revealed the details of a serious IOS flaw, causing an opening day buzz among attendees and forcing Cisco to file an injunction against Lynn and Black Hat organizers. The legal action was quickly settled.

GroupWise flaws could enable arbitrary code execution
The French Security Incident Response Team (FrSIRT) has identified a pair of cross-site scripting vulnerabilities in Novell GroupWise that could be exploited by attackers to execute arbitrary scripting code.

"These flaws are due to unspecified input validation errors when handling certain tags and parameters," FrSIRT said, "which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site."

Deemed moderate risk, the flaws affect GroupWise version 6.x. Novell has confirmed the flaws and recommends that customers upgrade to GroupWise 6.5 Post SP6 WebAccess Rev D.

Mozilla issues another Firefox update
It was just last week that the Mozilla Foundation issued updates patching 13 security flaws in the Firefox Web browser, Thunderbird email client and SeaMonkey all-in-one Internet application suite.

However, Mozilla early Thursday issued Firefox version 1.5.0.6, calling it a stability update to address an issue with Windows Media content.

In a post on its blog, the Bethesda, Md.-based SANS Internet Storm Center said the specific problem is a relatively minor one involving "mms://" and related multimedia URLs that were broken in 1.5.0.5.

"Apparently," said SANS ISC handler Jim Clausing, "not all updates rushed out while a Black Hat conference is going on have a sinister reason."
