100 matches found
eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit (2)
No description provided by source. !/usr/bin/perl -s damn-hippie.pl by kokanin google estara, it shows sip stuff and a hippie Remote estara softphone exploit, executable version info = 3.0.1.2 kokanin did the research, metasploit.com did the encoded bindshell on tcp/5060 Lets face it, most users...
reSIProcate 1.3.2 - Remote Denial of Service PoC
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS in reSIProcate MU-200807-01 July 10, 2008 http://labs.mudynamics.com/advisories.html Affected Products/Versions: repro SIP proxy/registrar 1.3.2 http://www.resiprocate.org/ReSIProcate1.3.2Release Any produ...
PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure
PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I. Advisory Summary Title: SIP Digest Leak Information Disclosure in PhonerLite 2.14 SIP Soft Phone Date Published: March 30, 2014 Vendors contacted: Heiko Sommerfeldt, PhonerLite author...
wireshark: SIP dissector crash (wnpa-sec-2013-63)
The dissectsipcommon function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...
asterisk -- multiple vulnerabilities
The Asterisk project reports: Remote Crash From Late Arriving SIP ACK With SDP Remote Crash when Invalid SDP is sent in SIP Request...
Fedora Update for ekiga FEDORA-2013-2890
Check for the Version of ekiga OpenVAS Vulnerability Test Fedora Update for ekiga FEDORA-2013-2890 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
[SECURITY] Fedora 18 Update: ekiga-4.0.1-1.fc18
Ekiga is a tool to communicate with video and audio over the internet. It uses the standard SIP and H323 protocols...
CVE-2012-5976
Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones before 10.11.1-digiumphones allow remote attackers to cause a denial o...
Stack overflow
Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones before 10.11.1-digiumphones allow remote attackers to cause a denial o...
Phone based denial-of-service (DoS) attack on MI6 Anti-terrorism Agency
Phone based denial-of-service DoS attack on MI6 Anti-terrorism Agency +attack+on+MI6+Anti-terrorism+Agency.jpg The Hacking group, 'TeaMp0isoN' said they targeted counter-terrorism officers at MI6 with a barrage of phone calls for a period of 24 hours, which meant nobody else could get through. By...
CVE-2011-4597
The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series ...
CVE-2011-4597
The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series ...
Asterisk Multiple Vulnerabilities (AST-2011-013 / AST-2011-014)
According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by the following vulnerabilities : - An issue in the SIP protocol can lead to the enumeration of endpoints with NAT settings different from the default. Note that this is an issu...
Moshi Moshi : VoIP bot written in Python
Moshi Moshi : VoIP bot written in Python Moshi Moshi is a VoIP Bot written in Python that uses SIP as VoIP Protocol, Text-to-speech engines for Output, and DTMF Tones for Input. It is part of a talk "Sounds Like Botnet " given at DEF CON 19 and BSidesLV 2011 on VoIP Botnets by Itzik Kotler and...
sip-brute NSE Script
Performs brute force password auditing against Session Initiation Protocol SIP accounts. This protocol is most commonly associated with VoIP sessions. Script Arguments sip.timeout See the documentation for the sip library. creds.service, creds.global See the documentation for the creds library...
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Advisory ID: cisco-sa-20100922-sip http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml Revision 1.0 For Public Release 2010 Septembe...
Security Best Practice: SIP Protocol Enforcement
The Session Initiation Protocol SIP is a signaling protocol, widely used for controlling multimedia communication sessions such as voice and video calls over Internet Protocol IP. The protocol can be used for creating, modifying and terminating two-party unicast or multiparty multicast sessions...
CVE-2008-7065
Siemens C450 IP and C475 IP VoIP devices allow remote attackers to cause a denial of service disconnected calls and device reboot via a crafted SIP packet to UDP port 5060...
OpenH323 Opal SIP Protocol - Remote Denial of Service
!/usr/bin/env python OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability CVE-2007-4924 opal228dos.py by Jose Miguel Esparza 2007-10-08 S21sec labs import sys,socket if lensys.argv != 3: sys.exit"Usage: " + sys.argv0 + " targethost targetport\n" target = sys.argv1 targetPort =...
Fedora Update for sipp FEDORA-2008-3690
Check for the Version of sipp OpenVAS Vulnerability Test Fedora Update for sipp FEDORA-2008-3690 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...