- FBI warns Hit Man e-mail scammer back
- 20 tech habits to improve your life
- Industry mourns slain Cisco exec
- 10 Firefox add-ons for better browsing
- Wireless LANs face scaling challenges
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
VoIP customers of Avaya, Cisco and Nortel should look Wednesday for patches that correct newly found vulnerabilities that, if exploited, can result in remote code execution; unauthorized access; denial of service; and information harvesting.
The vulnerabilities were found by VoIPshield Laboratories and reported earlier to the three vendors in order to give them time to develop patches for the flaws, says Rick Dalmazzi, president and CEO of VoIPshield. Details of the vulnerabilities and the vendor responses are scheduled to be released Wednesday at noon Eastern time. Dalmazzi would not reveal more details because his company and the affected VoIP vendors agreed to a simultaneous announcement.
He says he believes two of the three vendors will have patches available Wednesday and the third will issue an advisory.
The vulnerabilities found affect voice servers -- VoIP PBXes -- and softphone software that runs on laptops and desktops, Dalmazzi says. (Compare IP PBX products.)
VoIPshield ranks most of the vulnerabilities found as either critical or high, the two most severe rankings on its four-step scale.
Avaya, Cisco and Nortel were chosen for vulnerability testing because they represent the bulk of IP PBX sales in North America, Dalmazzi says. The company has included Microsoft in its next round of testing, the results of which will come out in about four months.
VoIPshield Systems makes VoIP vulnerability testing software as well as an intrusion-prevention system designed for VoIP.
Rss FeedRss Feed
Discover the capabilities your file integrity monitoring solution should have to effectively secure...
Toward More Flexible, Next-Generation Collaboration SolutionsA recent study by CIO Magazine and IDG Research Services found that while collaboration tools are...
Boost Productivity While Cutting Costs with Next-generation CollaborationIDG says that "providing employees with collaboration tools that enable them to work together...
The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
Stay out of the headlines: Detecting and preventing network intrusionsHow do YOU stay out of the headlines? There is no denying that risk exists in our computer-driven...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
The Foundry Enterprise Advantage
Foundry Networks, Inc. (NASDAQ: FDRY) is a leading provider of high-performance enterprise and service provider switching, routing, security and Web traffic management solutions. Foundry's customers include the world's premier ISPs, metro service providers, and enterprises.
For further information on Foundry Networks please click here.
Leveraging the Advantages
of a Multi-vendor Network Strategy
Today's enterprise network provides more than simply a technology infrastructure. It's an enabler for the enterprise, supporting mission critical applications, creating operational efficiencies and increasing productivity gains. Foundry Networks provides the ideal foundation for a multi-vendor network.
Click here to view whitepaper!
Comments (6)
VoIP Vulnerabilities versus Voice VulnerabilitiesBy Rick J on June 26, 2008, 11:21 pmClearly, it's important to find/fix vulnerabilities in VoIP applications. At the same time, there are a number of important and active risks posed by voice networks...
Reply | Read entire comment
VoIP Vulnerabilities versus Voice VulnerabilitiesBy Rick J on June 26, 2008, 7:20 pmClearly, it's important to find/fix vulnerabilities in VoIP applications. At the same time, there are a number of important and active risks posed by voice networks...
Reply | Read entire comment
i cant find anything about this on CCO; did anything transpire?By Anonymous on June 25, 2008, 7:43 pmi cant find anything about this on CCO; did anything transpire?
Reply | Read entire comment
so were is the annoucementBy Anonymous on June 25, 2008, 7:39 pmSo were is the noon annoucement
Reply | Read entire comment
Today is the day!By Anonymous on June 25, 2008, 3:50 pmThe announcement is only minutes away...I wonder if any of the big-name companies will be in the news this week (if they don't patch). A link to this article can...
Reply | Read entire comment
View all comments