BugTraq
RPS/APS vulnerability in snom/yealink and others Oct 23 2013 10:10PM
Cal Leeming \[Simplicity Media Ltd\] (cal leeming simplicitymedialtd co uk) (1 replies)
Re: RPS/APS vulnerability in snom/yealink and others Oct 24 2013 07:19PM
Cal Leeming \[Simplicity Media Ltd\] (cal leeming simplicitymedialtd co uk)
The video was taken down by the the conference organizer at the
request of a vendor.

It has now been re-uploaded and can be seen here;
http://www.youtube.com/watch?v=2yN_-g-0PAk

The video has been split into two parts due to YouTube HD restrictions.

Enjoy and apologies for the delay in getting this fixed

Cal

On Wed, Oct 23, 2013 at 11:10 PM, Cal Leeming [Simplicity Media Ltd]
<cal.leeming (at) simplicitymedialtd.co (dot) uk [email concealed]> wrote:
> Hello,
>
> Discovered a vulnerability that allows for hundreds of thousands of
> SIP accounts to be compromised remotely.
>
> Found a year ago, partial vendor fixes but still vuln as of today,
> disclosed a few hours ago exclusively to the FreeSWITCH community -
> 23rd Oct 2013.
>
> Live disclosure can be seen here;
> http://www.youtube.com/watch?v=raXkHi_uGF8
>
> Slides are here;
> https://www.dropbox.com/s/hp5fj7e7o1mdnyt/Auto%20provisioning%20sucks.pp
tx
>
> Cal

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus