Feeds

Disaster recovery bug hangs up Cisco comms kit

Failover falls over

Next gen security for virtualised datacentres

There's trouble with the Disaster Recovery Framework (DRF) Master component in a number of unified communications products from Cisco.

The flaw, which the networking giant patched late last week, enables hackers to compromise vulnerable systems. Cisco Emergency Responder, Cisco Unified Communications Manager versions 5 and 6, and Cisco Unified Presence 6.x are affected.

Failure to properly authentic requests by the DRF component means miscreants might be able to execute arbitrary commands on affected systems. Denial of service attacks are also a possibility.

Cisco's advisory can be found here.

The network giant credits VoIPshield Systems with discovering the vulnerability. VoIPshield, which markets VoIP security application products, created a splash last week with claims that it had unearthed previously-undiscovered vulnerabilities and exploits associated with products from Cisco, Nortel, Avaya, and other leading vendors in the area.

It claims its knowledge of these bugs gives it the edge in protecting its clients' IP telephony systems from hacking attacks using a product called VoIPguard, which it describes as an intrusion prevention system for IP telephony systems. ®

Build a business case: developing custom apps

Whitepapers

Best practices for enterprise data
Discussing how technology providers have innovated in order to solve new challenges, creating a new framework for enterprise data.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?