VoIP Security/Vulnerabilities: Nortel Centrex IP Client Manager Multi ple Vulnerabilities

["Fergie" <fergdawg () netzero net>]

When I saw this vulnerability this morning over on Secunia:

[snip]

Nortel Networks has acknowledged multiple vulnerabilities in Centrex IP Client Manager, which can be exploited by 
malicious, local users to gain escalated privileges and by malicious people to view potentially sensitive information, 
to trick users into downloading and executing arbitrary programs, and to compromise a user's system.

[snip]

http://secunia.com/advisories/18311/

..it reminded me os something that I've been thinking about lately,
and that is the fact that as VoIP increases in popularity and
depolyment, I'm pretty sure that we're going to see an enormous
increase in pootential security issues in various implementations.

And although there _is_ a 'VoIP Security Alliance':

 http://www.voipsa.org/

...it doesn't appear to be doing much -- at least from a cursory
view of their web page(s).

Anyone have any anecdotes of thoughts on this?

Cheers,

- ferg
--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.