Cisco cites security flaws
Cisco Systems has warned customers of vulnerabilities in its communications software package and of a security tool that can be used by attackers to gain access to networks.
On Wednesday, the company issued an advisory on its Web site, warning customers of the vulnerability that affects the Cisco Unity unified communications software package versions 2, 3 and 4. It also warned of a similar problem on Cisco Guard, a tool that helps protect companies from denial-of-service attacks.
Cisco Unity is a unified communications software package that allows users to listen to e-mail over the telephone or check voice messages from the Internet. When integrated with a third-party fax server, it can even forward faxes to any local fax machine.
The problem with Cisco Unity is that it creates certain user accounts with default passwords when integrated with Microsoft's Exchange program. If the password isn't changed when Unity is installed, outside users could log on and read incoming and outgoing e-mail messages. They could also gain access to certain administrative functions.
On Wednesday, Cisco posted a solution on its Web site. The simplest fix is to change the default passwords on the accounts. The accounts with default passwords that should be changed can be found on the Web site.
Cisco said the new version of Cisco Unity version 4.0(5), which is scheduled for release in the first quarter of 2005, will not have this problem.
In October, Cisco announced several security upgrades for its unified communications products. Specifically, it offered higher security on voice messages.
Cisco also warned about a vulnerability on Cisco Guard, an application to counter denial-of-service attacks. Like the Cisco Unity product, Cisco Guard comes with default usernames and passwords. The problem can be fixed by changing these settings. Cisco Guard versions before 3.1 are affected. Details and fixes are posted on Cisco's Web site.
Denial-of-service attacks occur when a network is flooded with so many packets that switches, routers and servers stop processing them and continuously reboot. The Cisco Guard product detects traffic anomalies and then diverts this traffic to protect the server that was targeted in the attack.
Advisory #1 : http://www.cisco.com/warp/public/707....shtml#summary
Advisory #2 : http://www.cisco.com/en/US/products/...8037d0c5.shtml