BugTraq
RPS/APS vulnerability in snom/yealink and others Oct 23 2013 10:10PM
Cal Leeming \[Simplicity Media Ltd\] (cal leeming simplicitymedialtd co uk) (1 replies)
Hello,

Discovered a vulnerability that allows for hundreds of thousands of
SIP accounts to be compromised remotely.

Found a year ago, partial vendor fixes but still vuln as of today,
disclosed a few hours ago exclusively to the FreeSWITCH community -
23rd Oct 2013.

Live disclosure can be seen here;
http://www.youtube.com/watch?v=raXkHi_uGF8

Slides are here;
https://www.dropbox.com/s/hp5fj7e7o1mdnyt/Auto%20provisioning%20sucks.pp
tx

Cal

[ reply ]
Re: RPS/APS vulnerability in snom/yealink and others Oct 24 2013 07:19PM
Cal Leeming \[Simplicity Media Ltd\] (cal leeming simplicitymedialtd co uk)


 

Privacy Statement
Copyright 2010, SecurityFocus