Bugtraq mailing list archives
Re: RPS/APS vulnerability in snom/yealink and others
From: "Cal Leeming \[Simplicity Media Ltd\]" <cal.leeming () simplicitymedialtd co uk>
Date: Thu, 24 Oct 2013 20:19:24 +0100
The video was taken down by the the conference organizer at the request of a vendor. It has now been re-uploaded and can be seen here; http://www.youtube.com/watch?v=2yN_-g-0PAk The video has been split into two parts due to YouTube HD restrictions. Enjoy and apologies for the delay in getting this fixed Cal On Wed, Oct 23, 2013 at 11:10 PM, Cal Leeming [Simplicity Media Ltd] <cal.leeming () simplicitymedialtd co uk> wrote:
Hello, Discovered a vulnerability that allows for hundreds of thousands of SIP accounts to be compromised remotely. Found a year ago, partial vendor fixes but still vuln as of today, disclosed a few hours ago exclusively to the FreeSWITCH community - 23rd Oct 2013. Live disclosure can be seen here; http://www.youtube.com/watch?v=raXkHi_uGF8 Slides are here; https://www.dropbox.com/s/hp5fj7e7o1mdnyt/Auto%20provisioning%20sucks.pptx Cal
Current thread:
- RPS/APS vulnerability in snom/yealink and others Cal Leeming [Simplicity Media Ltd] (Oct 23)
- Re: RPS/APS vulnerability in snom/yealink and others Cal Leeming [Simplicity Media Ltd] (Oct 24)
- <Possible follow-ups>
- Re: RPS/APS vulnerability in snom/yealink and others god (Oct 24)