Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

::SPAM:: Re[2]: ASN.1 telephony critical infrastructure warning - VOIP

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Wed, 18 Feb 2004 10:58:07 +0300
Spam detection software, running on the system "cw-1.crocker.com", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or block
similar future email.  If you have any questions, see
the administrator of that system for details.

Content preview:  Dear Florian Weimer, It's different thing. Any
  infrastructure based on Windows is under risk. But it's not because
  VoIP uses ASN.1. --Wednesday, February 18, 2004, 12:32:10 AM, you wrote
  to 3APA3A () SECURITY NNOV RU: [...] 

Content analysis details:   (6.5 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 1.9 FROM_NO_LOWER          'From' has no lower-case characters
 0.3 FROM_HAS_MIXED_NUMS    From: contains numbers mixed in with letters
 1.5 BODY_8BITS             BODY: Body includes 8 consecutive 8-bit characters
 1.9 DATE_IN_FUTURE_06_12   Date: is 6 to 12 hours after Received: date
 0.8 PRIORITY_NO_NAME       Message has priority setting, but no X-Mailer
--- Begin Message --- From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Wed, 18 Feb 2004 10:58:07 +0300
Dear Florian Weimer,

It's different thing. Any infrastructure based on Windows is under risk.
But it's not because VoIP uses ASN.1.

--Wednesday, February 18, 2004, 12:32:10 AM, you wrote to 3APA3A () SECURITY NNOV RU:

FW> 3APA3A wrote:


ASN.1  is  used  by  many  services,  but  all  use different underlying
protocols.  It's  not  likely  NetMeeting or MS ISA server to be primary
attack  targets.  Attack  against  MS  IPSec  implementation,  Exchange,
SMB/CIFS, RPC services, IIS and specially IE will no have impact to VoIP
infrastructure  (except  connectivity  degradation  because  of  massive
traffic).


FW> I wish your assessment were true, but it's not.  Cisco Call Manager is
FW> based on Windows, and Cisco still has to certify the patches Microsoft
FW> released.

FW> It's sad that Microsoft apparently hasn't used those six months to
FW> properly coordinate the issue with OEM vendors.


-- 
~/ZARAZA
Ну а теперь, Уильям, хорошенько поразмыслите над данным письмом. (Твен)

--- End Message ---
Previous By Date Next
Previous By Thread Next

Current thread: