Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Cisco SIP TFTP Server Detection

Medium

Synopsis

The remote host is running an inherently insecure protocol or application.

Description

The remote host is running a Cisco SIP VOIP server. The device is configured to allow TFTP access. An attacker can guess the name of the image files and download the device configuration. Such information would include passwords and IDs.

Solution

Ensure that the TFTP server and associated ACLs are in alignment with corporate policies and guidelines.