Cisco on Wednesday delivered patches to plug multiple overflow and denial of service vulnerabilities.
In an advisory, Cisco said multiple IP phone devices running the Skinny Client Control Protocol (SCCP) firmware were impacted. The vulnerabilities range from arbitrary code execution on a phone to forced phone reboots.
Most of these advisories carry high ratings. The CVEs are: CVE-2008-0530, CVE-2008-0526, CVE-2008-0527, CVE-2004-2486, CVE-2008-0528, CVE-2008-0529 and CVE-2008-0531. Among those, CVE-2008-0530 gets a perfect 10 score from Cisco. Here are the details:
Cisco Unified IP Phone 7940, 7940G, 7960 and 7960G devices running SCCP and SIP firmware contain a buffer overflow vulnerability in the handling of DNS responses. A specially-crafted DNS response may be able to trigger a buffer overflow and execute arbitrary code on a vulnerable phone. This vulnerability is corrected in SCCP firmware version 8.0(8) and SIP firmware version 8.8(0).
Separately, Cisco patched its Unified Communications Manager, which was vulnerable to SQL injection attacks (CVE-2008-0026). In an advisory, Cisco gave these flaws lower base scores.