Cisco warns of flaws that could disrupt voice calls


Cisco has warned customers about faults in its unified communications software, which could allow for a denial of service (DoS) attack and the disruption of voice services.

A security alert said that there were faults in Cisco's unified communications manager, a call processing system that extends "enterprise telephony features" to network devices such as IP phones.

Two DoS vulnerabilities are around the processing of SIP packets. The vulnerabilities can be triggered by a malformed SIP message and cause a 'critical" process to fail, disrupting voice services.

Other DoS vulnerabilities include an issue with the tracking of network connections, and two others involving the processing of SIP and SCCP packets.

Cisco said it was not yet aware of any attacks trying to take advantage of flaws found in the advisory.

The alert was published a day after Cisco warned about problems with its Wireless LAN devices, which leave it open to a DoS attack.