funsec mailing list archives

Re: FBI: Criminals auto-dialing with hacked VoIP systems

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sun, 7 Dec 2008 14:53:02 +0200 (EET)

It is possible that the issue is related to this vulnerability:
http://labs.mudynamics.com/advisories/MU-200803-01.txt
(18th Mar '08)

Juha-Matti

Juha-Matti Laurio [juha-matti.laurio () netti fi] kirjoitti:

"....
The FBI didn't say which versions of Asterisk were vulnerable to the bug, but it advised users to upgrade to the 
latest version of the software.
Asterisk is an open-source product that lets users turn a Linux computer into a VoIP (Voice over Internet Protocol) 
telephone exchange.
.."

More at
http://www.pcworld.com/printable/article/id,155074/printable.html

Intelligence Note:
http://www.ic3.gov/media/2008/081205-2.aspx

It appears that the latest versions are 1.4.22 and 1.6.0:
http://www.asterisk.org/node/48539

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

FBI: Criminals auto-dialing with hacked VoIP systems Juha-Matti Laurio (Dec 06)
- <Possible follow-ups>
- Re: FBI: Criminals auto-dialing with hacked VoIP systems Juha-Matti Laurio (Dec 07)