Home page logo
/

bugtraq logo Bugtraq mailing list archives

RPS/APS vulnerability in snom/yealink and others
From: "Cal Leeming \[Simplicity Media Ltd\]" <cal.leeming () simplicitymedialtd co uk>
Date: Wed, 23 Oct 2013 23:10:30 +0100

Hello,

Discovered a vulnerability that allows for hundreds of thousands of
SIP accounts to be compromised remotely.

Found a year ago, partial vendor fixes but still vuln as of today,
disclosed a few hours ago exclusively to the FreeSWITCH community -
23rd Oct 2013.

Live disclosure can be seen here;
http://www.youtube.com/watch?v=raXkHi_uGF8

Slides are here;
https://www.dropbox.com/s/hp5fj7e7o1mdnyt/Auto%20provisioning%20sucks.pptx

Cal


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault