Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Monday, December 20, 2004

Cisco reveals security blunder

Cisco Systems has warned customers of vulnerabilities in its communications software package and of a security tool that can be used by attackers to gain access to networks.

The company issued an advisory on its Web site, warning customers of the vulnerability that affects the Cisco Unity unified communications software package versions two, three and four.

It also warned of a similar problem on Cisco Guard, a tool that helps protect companies from denial-of-service attacks.

Cisco Unity is a unified communications software package that allows users to listen to email over the telephone or check voice messages from the Internet.  When integrated with a third-party fax server, it can even forward faxes to any local fax machine.  The problem with Cisco Unity is that it creates certain user accounts with default passwords when integrated with Microsoft’s Exchange program.  If the password isn’t changed when Unity is installed, outside users could log on and read incoming and outgoing email messages.  They could also gain access to certain administrative functions.

Cisco has posted a solution on its Web site.  The simplest fix is to change the default passwords on the accounts.  The accounts with default passwords that should be changed can be found on the Web site.

In October, Cisco announced several security upgrades for its unified communications products. Specifically, it offered higher security on voice messages.

Cisco also warned about a vulnerability on Cisco Guard, an application to counter denial-of-service attacks.  Like the Cisco Unity product, Cisco Guard comes with default usernames and passwords.  The problem can be fixed by changing these settings.

Denial-of-service attacks occur when a network is flooded with so many packets that switches, routers and servers stop processing them and continuously reboot.  The Cisco Guard product detects traffic anomalies and then diverts this traffic to protect the server that was targeted in the attack.,39020375,39181665,00.htm

Posted on 12/20