SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!

SecurityTracker
Archives


Category:   Device (VoIP/Phone/FAX)  >   Cisco IP Phones
Vendors:   Cisco
Cisco Unified Wireless IP Phone 7921 Does Not Validate Server Certificates When Using PEAP
SecurityTracker Alert ID:  1019494
SecurityTracker URL:  http://securitytracker.com/id/1019494
CVE Reference:   CVE-2008-1113   (Links to External Site)
Updated:  Mar 19 2008
Original Entry Date:  Feb 25 2008
Impact:   Host/resource access via network
Vendor Confirmed:  Yes  
Version(s): Model 7921
Description:   A vulnerability was reported in Cisco Unified Wireless IP Phone model 7921. A remote user can impersonate the authentication server and conduct a man-in-the-middle attack.

When configured to use Protected Extensible Authentication Protocol (PEAP), the phone does not validate server certificates.

A remote user who sets up a rogue access point and authentication server can therefore present any certificate, establish the PEAP TLS tunnel with the phone, and conduct a man-in-the-middle attack against the inner MS-CHAPv2 authentication.
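To make the failure mode concrete, the following is an added example written for this entry; it is not code from the advisory, from Cisco or from George Ou, and it does not show the 7921's firmware. It uses Go's TLS stack as a stand-in for PEAP phase 1 over an in-memory pipe: a supplicant that skips server certificate validation builds the tunnel with an impostor that merely copies the server's name, while a supplicant that pins the trust anchor and checks the name aborts the handshake before any inner credentials would be sent. The host name radius.example.test and the self-signed certificates are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// The host name the supplicant expects in the authentication server's
// certificate (hypothetical; a real deployment uses its own RADIUS host).
const serverName = "radius.example.test"

// selfSigned mints a self-signed certificate for serverName. Calling it twice
// gives two certificates with the same name but unrelated keys, which is what
// a rogue access point can do: copy the name, but not obtain the CA's signature.
func selfSigned() (tls.Certificate, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: serverName},
		DNSNames:              []string{serverName},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		BasicConstraintsValid: true,
		IsCA:                  true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	parsed, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, parsed, nil
}

// handshake runs the phase-1 TLS exchange between a supplicant using policy and
// a server presenting cert, over an in-memory pipe. A nil error means the tunnel
// was built and a real supplicant would now send its inner MS-CHAPv2 credentials
// to whoever answered.
func handshake(cert tls.Certificate, policy *tls.Config) error {
	srvEnd, cliEnd := net.Pipe()
	srv := tls.Server(srvEnd, &tls.Config{Certificates: []tls.Certificate{cert}})
	go func() {
		srv.Handshake() // completes, or aborts when the client sends its alert
		srvEnd.Close()
	}()
	cli := tls.Client(cliEnd, policy)
	err := cli.Handshake()
	cliEnd.Close()
	return err
}

// Outcome records how each supplicant policy fared against a rogue server.
type Outcome struct {
	NoValidationAcceptsRogue bool // the 7921's behaviour: tunnel built with an impostor
	ValidationRejectsRogue   bool // corrected behaviour: handshake aborted
	ValidationAcceptsGenuine bool // sanity check: validation still admits the real server
}

// Demo mints a genuine and a rogue certificate and runs both client policies.
func Demo() (Outcome, error) {
	genuine, genuineCert, err := selfSigned()
	if err != nil {
		return Outcome{}, err
	}
	rogue, _, err := selfSigned()
	if err != nil {
		return Outcome{}, err
	}
	trusted := x509.NewCertPool()
	trusted.AddCert(genuineCert) // the one certificate the supplicant should accept

	// Policy 1: no server certificate validation, as described for the 7921.
	noValidation := &tls.Config{InsecureSkipVerify: true}
	// Policy 2: pin the trust anchor and check the expected server name.
	validation := &tls.Config{RootCAs: trusted, ServerName: serverName}
	return Outcome{
		NoValidationAcceptsRogue: handshake(rogue, noValidation) == nil,
		ValidationRejectsRogue:   handshake(rogue, validation) != nil,
		ValidationAcceptsGenuine: handshake(genuine, validation) == nil,
	}, nil
}

func main() {
	out, err := Demo()
	fmt.Printf("%+v err=%v\n", out, err)
}
```

The point of the rogue certificate carrying the same name is that name matching alone is not a fix: the supplicant must also check that the certificate chains to a trust anchor it was provisioned with, and it must do both before releasing any inner credentials.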

The original advisory is available at:

http://blogs.zdnet.com/security/?p=901

George Ou reported this vulnerability.

Impact:   A remote user can impersonate the authentication server and conduct a man-in-the-middle attack against the phone's PEAP authentication.
Solution:   No solution was available at the time of this entry.

The vendor plans to issue a fix.

Cisco recommends, as a workaround, configuring EAP-TLS as an alternative to PEAP, which provides mutual client-server certificate authentication.

Vendor URL:  www.cisco.com/ (Links to External Site)
Cause:   Authentication error
Underlying OS:  

Message History:   None.


 Source Message Contents

Date:  Sat, 23 Feb 2008 16:00:06 -0800
Subject:  [Full-disclosure] Cisco confirms vulnerability in 7921 Wi-Fi IP

Two days after news of the Vocera Wi-Fi VoIP communicator PEAP security
bypass vulnerability, I received confirmation from Cisco that their
model 7921 Wi-Fi VoIP phone is also vulnerable to the same issue where digital
certificates aren't cryptographically verified.  Both Cisco and Vocera
have told me that they intend to fix future implementations of PEAP and
do the necessary steps to ensure certificate authenticity.  Cisco
released the following statement.

"Cisco confirms that the Cisco wireless IP phone model 7921 does not
currently validate server certificates when configured to use PEAP
(MS-CHAPv2). The Cisco 7920 model does not support PEAP. Cisco is
planning a long term solution to enable the option of client-side
validation of server certificates with PEAP; however, we do not
currently have a time line for when a software upgrade will be
available. To work around the problem, administrators can configure
EAP-TLS as an alternative to PEAP while ensuring mutual client-server
authentication."

Details at http://blogs.zdnet.com/security/?p=901


George Ou, CISSP
ZDNet Editor at Large (CNET Networks)
http://blogs.zdnet.com/Ou
http://blogs.zdnet.com/security

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Copyright 2014, SecurityGlobal.net LLC