[VOIPSEC] Daisy chaining voice <-> PC VLAN, risks?
Robert Moskowitz
rgm at icsalabs.com
Tue Sep 13 00:01:17 CDT 2005
At 01:24 PM 9/12/2005, Johnson, Joey wrote:
>Erik,
>
>There is a specific Cisco 802.1x vulnerability for the scenario you're
>discussing (AKA auxiliary voice VLANs). Using 802.1x generally provides
>an extra layer of port-level security, but in this case, it can be
>bypassed.
>Find it here:
>http://www.securitytracker.com/alerts/2005/Jun/1014135.html
Until we get 1AE working (or probably 1AE-REV), there are a number of
vulnerablities.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
VoIP: 248-291-0713
E: rgm at icsalabs.com
There's no limit to what can be accomplished if it doesn't matter who
gets the credit
More information about the Voipsec
mailing list