Net Manager Network Managing, Engineering and Administration with an eye toward security. Best practices meets the real world! |
Wednesday, January 14, 2004 Voice over IP Vulnerabilities CERT has issued an advisory on the VoIP issues here: CERT Advisory CA-2003-06 Multiple vulnerabilities in implementations of the Session Initiation Protocol (SIP). Specifically, there are a number of types of vulnerabilities to this issue including DOS, unstable system behaviors and unauthorized privilege escalations. There also is a list of vendors including Cisco, Microsoft, and Nortel. Please note the irony here in that on the CERT page it states: "Microsoft has investigated these issues. The Microsoft SIP client implementation is not affected." While this may be true, their ISA Server has a critical bug that can lead to privilege escalation that's not mentioned here. posted by David | 1/14/2004 04:09:00 PM |
|
||||
| |||||
0 Comments:
Post a Comment
<< Home