EUVD-2015-2700

Malware in sbrugna...

HLR Lookup - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application HLR Lookup published at the 'play' market has multiple vulnerabilities...

SS7 Pentesting Toolkit: ss7MAPer

SS7 Pentesting Toolkit The toolkit is build upon the Osmocom SS7 stack and implements some basic MAP messages. At its current state tests against the HLR are ready for use, in future versions tests against VLR , MSC and SMSC will follow. The tool is written in Erlang; to get it running you will...

CVE-2015-2608

Unspecified vulnerability in 1 the Oracle Communications Diameter Signaling Router DSR component in Oracle Communications Applications 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier; 2 the Oracle Communications Performance Intelligence Center Software component in...

Design/Logic Flaw

Unspecified vulnerability in 1 the Oracle Communications Diameter Signaling Router DSR component in Oracle Communications Applications 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier; 2 the Oracle Communications Performance Intelligence Center Software component in...

CVE-2015-2608

CVE-2015-2608 concerns an unspecified vulnerability in Oracle Communications Applications components (DSR, Performance Intelligence Center, Policy Management, Tekelec HLR Router) where PMAC-related vectors may affect confidentiality, integrity, and availability. Affected versions span multiple re...

Cellular Privacy, SS7 Security Shattered at 31C3

The recently concluded Chaos Communications Congress 31c3 in Hamburg, Germany was an all-out assault on cellular call privacy and security. Of particular interest was the SS7 protocol used to route calls between switching centers. Researchers, doing parallel research as it turns out, found gaping...