Penetration Testing mailing list archives
RE: potential fax server security issues?
From: "Travis Potter" <TPotter () secureintegrations com>
Date: Tue, 13 Jan 2004 17:20:30 -0700
It's better to use intelligent Fax Boards by Brooktrout or Dialogic to control this Phase A(handshake) and Phase B(data transmission) portions of communication at the firmware level as opposed to a modem with all init and "at" strings commonly known that may or may not be vulnerable. -----Original Message----- From: Maarten [mailto:maartenh () phreaker net] Sent: Tuesday, January 13, 2004 12:49 PM To: pen-test () securityfocus com Subject: potential fax server security issues? Hi, I was wondering if any of you has experience in testing fax servers. I am looking for some insides on potential vulnerabilities on the modem side of a fax server. Could an attacker for instance (potentially): - Discover the fax server using a war dialler (yes) - Connect to the fax server using his modem (yes) - Initiate some kind of overflow on the fax server software after the modem connection has been established, gaining a shell on the system???? Has anyone been looking into this kind of stuff? Am I being overly paranoid at this point? thanks! Maarten ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- potential fax server security issues? Maarten (Jan 13)
- Re: potential fax server security issues? Steve Friedl (Jan 13)
- RE: potential fax server security issues? Travis Potter (Jan 13)