100 matches found
Fedora Update for sipp FEDORA-2008-3690
Check for the Version of sipp OpenVAS Vulnerability Test Fedora Update for sipp FEDORA-2008-3690 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for sipp FEDORA-2008-6219
Check for the Version of sipp OpenVAS Vulnerability Test Fedora Update for sipp FEDORA-2008-6219 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
[SECURITY] Fedora 9 Update: sipp-3.1-2.fc9
SIPp is a free Open Source test tool / traffic generator for the SIP protoc ol. It includes a few basic SipStone user agent scenarios UAC and UAS and establishes and releases multiple calls with the INVITE and BYE methods. It can also reads custom XML scenario files describing from very simple to...
reSIProcate 1.3.2 Remote Denial of Service PoC
Exploit for multiple platform in category dos / poc ============================================== reSIProcate 1.3.2 Remote Denial of Service PoC ============================================== -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS in reSIProcate MU-200807-01 July 10, 2008...
[SECURITY] Fedora 9 Update: sipp-3.1-2.fc9
SIPp is a free Open Source test tool / traffic generator for the SIP protoc ol. It includes a few basic SipStone user agent scenarios UAC and UAS and establishes and releases multiple calls with the INVITE and BYE methods. It can also reads custom XML scenario files describing from very simple to...
AOL AIM SIPFoundry sipXtapi RTCP Processing Heap Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AOL AIM. Successful exploitation requires the victim to accept a Video Messaging session with the attacker. The specific flaw exists in the SIP protocol implementation library, sipXtapi.dll. If a...
Asterisk voice server DoS
SIP protocol parsing NULL pointer dereference in pedantic mode. Uninitialized memory reference on in ooh323 channel driver...
[SECURITY] Fedora 9 Update: sipp-3.1-1.fc9
SIPp is a free Open Source test tool / traffic generator for the SIP protoc ol. It includes a few basic SipStone user agent scenarios UAC and UAS and establishes and releases multiple calls with the INVITE and BYE methods. It can also reads custom XML scenario files describing from very simple to...
[SECURITY] Fedora 7 Update: sipp-3.1-1.fc7
SIPp is a free Open Source test tool / traffic generator for the SIP protoc ol. It includes a few basic SipStone user agent scenarios UAC and UAS and establishes and releases multiple calls with the INVITE and BYE methods. It can also reads custom XML scenario files describing from very simple to...
Cisco Unified IP Phone SCCP及SIP协议多个远程安全漏洞
BUGTRAQ ID: 27774 CVECAN ID: CVE-2008-0530,CVE-2008-0526,CVE-2008-0527,CVE-2008-0528,CVE-2008-0529,CVE-2008-0531 Cisco Unified IP Phone是思科的统一IP电话解决方案。 DNS响应解析溢出 运行SCCP和SIP固件的Cisco Unified IP Phone 7940、7940G、7960和7960G设备在处理DNS响应时存在缓冲区溢出漏洞,特制的DNS响应可以触发缓冲区溢出,在有漏洞的电话上执行任意指令。该漏洞记录为CVE-2008-0530和Cisco...
Ingate Firewall及SIParator远程拒绝服务漏洞
BUGTRAQ ID: 27222 Ingate Firewall和SIParator都是企业级的硬件防火墙设备。 Ingate Firewall和SIParator处理SIP协议数据时存在漏洞,远程攻击者可能利用此漏洞导致设备不可用。 某些情况下Ingate Firewall和SIParator在呼叫结束后没有重新使用SIP媒体端口,这可能导致耗尽所有可用端口,无法创建新的呼叫。 Ingate Firewall 4.6.1 Ingate SIParator 4.6.1 厂商补丁: Ingate ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
SuSE 10 Security Update : opal (ZYPP Patch Number 4519)
A bug in the SIP protocol handler could be exploited by attackers to crash applications using opal. CVE-2007-4924 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Cisco 7940 / Nokia N95 phones DoS
Race conditions on SIP protocol handling...
openSUSE 10 Security Update : opal (opal-4531)
A bug in the SIP protocol handler could be exploited by attackers to crash applications using opal CVE-2007-4924. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update opal-4531. The text descriptio...
sip-pwn.txt
SIP, the IETF endorsed VoIP signaling protocol, is currently used to establish and manage VoIP calls. Many security issues have been addressed until know about the security of VoIP due to the large numbers of attacks coming from the traditional IP networks, but none have addressed the securing th...
Thomson SIP phone ST 2030 Remote Denial of Service Exploit
No description provided by source. !/usr/bin/perl Vulneravility for Thomson 2030 firmware v1.52.1 It provokes a DoS in the device. use IO::Socket::INET; die "Usage $0 dst port username" unless $ARGV2; $socket=new IO::Socket::INET-newPeerPort=$ARGV1, Proto='udp', PeerAddr=$ARGV0; $msg = "INVITE...
[Full-disclosure] DOS vulnerability on Thomson SIP phone ST 2030 using the VIA Header
MADYNES Security Advisory : Remote DOS on Thomson SIP phone ST 2030 Date of Discovery 15 February, 2007 Vendor was notified on 1 March 2007 ID: KIPH8 Synopsis After sending a message where the a space is replaced by a slash after the SIP version in the VIA, the device looks functional but in fact...
[Full-disclosure] DOS vulnerability on Thomson SIP phone ST 2030 using the TO Header
MADYNES Security Advisory : Remote DOS on Thomson SIP phone ST 2030 Date of Discovery 15 February, 2007 Vendor was notified on 1 March 2007 ID: KIPH9 Synopsis After sending a message where the TO URI field is crafted, the device looks functional but in fact does not respond to any event provoking...
grandstream-sip.txt
While playing with the SIP Madynes stateful fuzzer for a description see http://hal.inria.fr/inria-00166947/en, we have realized that some SIP stack engines have serious bugs allowing to an attacker to automatically make a remote phone accept the call without ringing and without asking the user t...
[Full-disclosure] 10 messages SIP Remote DOS on Cisco 7940 SIP Phone
MADYNES Security Advisory : stateful SIP remote DOS on Cisco 7940 Date of Discovery 4 April, 2007 ID: KIPH6 Synopsis After sending a series of ten SIP messages the device reboots. The phone does not check properly the state engine in the SIP stack The vendor was informed in April 2007 and...