News Stay informed about the latest enterprise technology news and product updates.

Vulnerabilities leave Cisco voice products open to remote attack

The default installation of Cisco's Director Agent on IBM server could allow remote attackers to gain control of the systems. The Agent is found in Cisco voice products such as CallManager, IP Interactive Voice Response and IP Call Center Express.

Cisco is warning of vulnerabilities in several voice products that could allow a remote attacker to obtain unauthorized...

administrative control or cause a denial of service.

The default installation of Cisco's Director Agent on IBM servers leaves the Director's services in an insecure state. In particular, Director Agent listens on TCP or UDP port 14247 in such a way that a remote attacker can connect and gain administrative level control without authentication. This level of privilege allows an attacker to shut down, power off or restart the system; execute a command shell; initiate file transfers; stop or start processes, services or device drivers; modify the network configuration; and create Windows 2000 user accounts.

In addition, by scanning port 14247, an attacker can initiate a Director Agent process that will take up 100% of the CPU. This will cause a denial of service, unless the server is shut down.

The Director Agent is part of several Cisco voice products, including CallManager, IP Interactive Voice Response, IP Call Center Express, Personal Assistant, Emergency Responder and Conference Connection. The problem occurs on a variety of IBM-based servers running any version of the operating system before OS 2000.2.6.

Cisco is providing a repair script that will mitigate the vulnerabilities without needing a software upgrade. The repair script keeps the Director Agent from listening for remote connections on TCP or UDP ports 14247. If port 14247 is enabled, the Director Agent won't automatically accept connections. The script also disables certain access and control files not required for Director Server to function.

Dig Deeper on IPv6 security and network protocols security

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.