RPS/APS vulnerability in snom/yealink and others

["Cal Leeming \[Simplicity Media Ltd\]" <cal.leeming () simplicitymedialtd co uk>]

Hello,

Discovered a vulnerability that allows for hundreds of thousands of
SIP accounts to be compromised remotely.

Found a year ago, partial vendor fixes but still vuln as of today,
disclosed a few hours ago exclusively to the FreeSWITCH community -
23rd Oct 2013.

Live disclosure can be seen here;
http://www.youtube.com/watch?v=raXkHi_uGF8

Slides are here;
https://www.dropbox.com/s/hp5fj7e7o1mdnyt/Auto%20provisioning%20sucks.pptx

Cal