More Vulnerabilities with Pingtel xpressa SIP-based IP phones

Type securityvulns
Reporter Securityvulns
Modified 2002-08-22T00:00:00


The Sys-Security Group Security Advisory

"More Vulnerabilities with Pingtel xpressa SIP-based IP Phones"

Release Date: 08/20/2002
Affected Platforms: Pingtel xpressa SIP IP phones model PX-1 with software version 2.0.1 and below; Pingtel instant xpressa softphones with software version 2.0.1 and below
Severity: High
Author: Ofir Arkin

Summary

Pingtel develops intelligent Java-based voice-over-IP phones and softphones for service providers and enterprises.

Using the vulnerabilities enumerated in this advisory, it is possible to jeopardize critical telephony infrastructure based on Pingtel's xpressa SIP-based IP phones and softphones. Additionally, certain vulnerabilities allow an attacker to take complete control of an IP phone or softphone node, either directly or by circumventing other SIP entities on the network by abusing the 'node's credentials'.

The most severe issue discussed is the way an attacker can exploit vulnerabilities with MyPingtel Portal to subvert a VoIP infrastructure which includes IP Phones and/or softphones from Pingtel.

Full Details in PDF format (~500kb): _Pingtel_xpressa_Phones.pdf

Full Details in HTML format: _with_Pingtel_xpressa_Phones.htm

Moderated text version is attached to this email and available from: _Pingtel_xpressa_SIP-based_IP_phones.txt

Ofir Arkin
Founder
The Sys-Security Group
PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA

For more information:

Copyright (c) The Sys-Security Group 2002, all rights reserved.