Tuesday, December 04, 2007

RE: Cisco Confirms Ability To Spy On VoIP Calls

----------------- Bulletin Message -----------------
From: Brian CNN SUCKS!!! [RONPAUL2008.COM]
Date: Dec 4, 2007 9:27 PM


Cisco Confirms Ability To Spy On VoIP Calls
12-04-2007
Computer World

Cisco confirmed it is possible to eavesdrop on remote conversations using Cisco VoIP phones. In its security response, Cisco says: "an attacker with valid Extension Mobility authentication credentials could cause a Cisco Unified IP Phone configured to use the Extension Mobility feature to transmit or receive a Real-Time Transport Protocol (RTP) audio stream."

Cisco adds that Extension Mobility authentication credentials are not tied to individual IP phones and that "any Extension Mobility account configured on an IP phone's Cisco Unified Communications Manager/CallManager (CUCM) server can be used to perform an eavesdropping attack."

The technique was described by Telindus researcher Joffrey Czarny at HACK.LU 2007 in Luxembourg in October.

Read Full Article Here


Labels: , , , ,

posted by Gandolfo at 12/04/2007

Google

0 Comments:

Post a Comment

<< Home

eXTReMe Tracker