Bugtraq mailing list archives
RPS/APS vulnerability in snom/yealink and others
From: "Cal Leeming \[Simplicity Media Ltd\]" <cal.leeming () simplicitymedialtd co uk>
Date: Wed, 23 Oct 2013 23:10:30 +0100
Hello, Discovered a vulnerability that allows for hundreds of thousands of SIP accounts to be compromised remotely. Found a year ago, partial vendor fixes but still vuln as of today, disclosed a few hours ago exclusively to the FreeSWITCH community - 23rd Oct 2013. Live disclosure can be seen here; http://www.youtube.com/watch?v=raXkHi_uGF8 Slides are here; https://www.dropbox.com/s/hp5fj7e7o1mdnyt/Auto%20provisioning%20sucks.pptx Cal
Current thread:
- RPS/APS vulnerability in snom/yealink and others Cal Leeming [Simplicity Media Ltd] (Oct 23)
- Re: RPS/APS vulnerability in snom/yealink and others Cal Leeming [Simplicity Media Ltd] (Oct 24)
- <Possible follow-ups>
- Re: RPS/APS vulnerability in snom/yealink and others god (Oct 24)