Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Cisco IP Phone vulnerability
From: "J. Oquendo" <sil () infiltrated net>
Date: Sat, 31 Mar 2007 22:05:40 -0500

-----BEGIN LSD SIGNED MESSAGE-----

Infiltrated.net Security Advisory:
Cisco IP Phone Denial of Service
http://www.infiltrated.net/ciscoIPPhone7960.html
Revision 6.9

For Public Release

Summary
The Cisco IP Phones are subject to a denial of
service.

This vulnerability has not yet been documented
by Cisco but it should be allocated the bug ID
31337 by staff @ PSIRT

This advisory will be posted at
http://www.infiltrated.net/ciscoIPPhone7960.html

Affected Products
All Cisco IP Phones

Proof of Concept
http://infiltrated.net/7960poc.jpg

Cisco Security Procedures
Complete information on reporting security
vulnerabilities in Cisco products, obtaining
assistance with security incidents, and
registering to receive security information from
Cisco, is available on Cisco's website at 
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html 
All Cisco security advisories are available at 
http://www.cisco.com/go/psirt.


Details
Cisco IP Phones are subject to a denial of service.
Users who disconnect their ethernet cables will
lose their dial tones and their present call will
drop as well as subsequent incoming calls.

While the attack may be local at present time,
security engineers Infiltrated Networks (a division
of Fscker Inc. with no relation to Halliburton)
are devising telekinetic attacks along with Miss
Cleo in order to provide a working disconnection
attack tool.


Impact
All your phone sex belongs to null 0

Software Versions and Fixes
The only fix is to plug your phone back into a PoE
switch or plug in its power cord.

Obtaining Fixed Software
Infiltrated Networks and Fscker Inc. is offering
its services at the low price of $1000.00 an hour
in consulting fees to remedy this attack, with a
100 hour minimum retainer fee. In fact, for those
seeking to purchase a PoC code of the mentioned
vulnerability, contact us, we'll gladly take your
milk money.

Workarounds
Don't unplug your phone. Don't unplug your PoE
switches. Don't live in areas where electricity
is sporadic. Don't play with matches, and don't
drive while under the influence of anything that
is currently mentioned at http://www.bumwine.com

Exploitation and Public Announcements
Infiltrated.net is not aware of any public
announcements or malicious use of the
vulnerability described in this advisory.

This vulnerability was reported to us
losers, by another bigger loser who wishes
to retain his or her anonyminity out of
fear of obtaining "Michael Lynn Disease"
where a frivolous denial of service attack
via litigation will ensue and weaken the
immune system.

Status of This Notice: FINAL
This is a final Infiltrated.net advisory. Although
we cannot guarantee the accuracy of all statements
in this notice, we still passed it on to you the
consumer knowing full well a cease and desist letter
will be sent and added to our collection. All of the
facts have however been checked to the best of our
ability while not under the influence of Prozac,
Valtrex, Valium, Lithium and lest we forget, weapons
of mass destruction of which you will not find since
we have them buried in the secret stash boxes of our
Nissan, Lexus, WRX, and Cherokee alongside our Glocks.


Revision History
Revision 6.9            Initial public release



This notice is Copyright 2007 by Infiltrated.net.
This notice may be redistributed freely after the
release date given at the top of the text,
provided that redistributed copies are complete
and unmodified, and include all date and version
information. Pictures of your fiance, wife,
girlfriend can be e-mailed to us if said
individuals did not yet e-mail to us on their
own. Infiltrated Networks, sil, and our oddball
affiliates remind those on the security scene to
keep it real. 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault