12 matches found
EUVD-2008-5841
Malware in sbrugna...
EUVD-2007-2878
Malware in sbrugna...
Cisco 7940/7960 IP Phones Improper Verification of Cryptographic Signature (CVE-2005-2181)
Cisco 7940/7960 Voice over IP VoIP phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the Messages waiting message. This plugin only works with Tenable.ot. Please visit...
Input validation
A Malformed Input String to /cgi-bin/deleteCA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device...
vsaudit - VOIP Security Audit Framework
This is an opensource tool to perform attacks to general voip services It allows to scans the whole network or single host to do the gathering phase, then it is able to search for most known vulnerabilities on the founds alive hosts and try to exploit them. Install dependencies To start using...
Trixbox (endpoint_aastra.php, mac param) - Remote Code Injection
No description provided by source. App : Trixbox all versions vendor : trixbox.com Author : i-Hmx mail : [email protected] Home : security arrays inc , sec4ever.com ,exploit4arab.net Well well well , we decided to give schmoozecom a break and have a look @ fonality products do you think they have...
[Bluebox-ng] UC/VoIP Security Tool
Bluebox-ng is a next generation UC/VoIP security tool. It has been written in CoffeeScript using Node.js powers. This project is "our 2 cents" to help to improve information security practices in VoIP/UC environments. GitHub repo : https://github.com/jesusprubio/bluebox-ng IRCFreenode :...
Multiple Vulnerabilities in Cisco Unified Communications Manager
Cisco Unified Communications Manager Unified CM contains multiple vulnerabilities that could be used together to allow an unauthenticated, remote attacker to gather user credentials, escalate privileges, and execute commands to gain full control of the vulnerable system. A successful attack could...
CALL FOR PAPERS - The Hackers Conference 2013
The call for papers for The Hackers Conference 2013 is now open. THC2013 is a hacker conference taking place in New Delhi, India on August 25th, 2013. The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cybe...
The Hackers Conference 2012 Call For Papers #THC2012
We are extremely delighted to announce the Call for Papers for The Hackers Conference 2012 It is a unique event, where the elite of the hacker world, leaders in the information security industry and the Internet community meet face to face to join their efforts to cooperate in addressing the most...
VoIP VLAN Hopper
VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone, in Cisco, Avaya, Nortel, and Alcatel-Lucent environments. This requires two important steps ...
sip-pwn.txt
SIP, the IETF endorsed VoIP signaling protocol, is currently used to establish and manage VoIP calls. Many security issues have been addressed until know about the security of VoIP due to the large numbers of attacks coming from the traditional IP networks, but none have addressed the securing th...