Net Manager

Net Manager
Network Managing, Engineering and Administration with an eye toward security.

Best practices meets the real world!

Wednesday, January 14, 2004
Voice over IP Vulnerabilities

CERT has issued an advisory on the VoIP issues here: CERT Advisory CA-2003-06 Multiple vulnerabilities in implementations of the Session Initiation Protocol (SIP). Specifically, there are a number of types of vulnerabilities to this issue including DOS, unstable system behaviors and unauthorized privilege escalations. There also is a list of vendors including Cisco, Microsoft, and Nortel. Please note the irony here in that on the CERT page it states: "Microsoft has investigated these issues. The Microsoft SIP client implementation is not affected." While this may be true, their ISA Server has a critical bug that can lead to privilege escalation that's not mentioned here.

posted by David | 1/14/2004 04:09:00 PM

0 Comments:

Post a Comment

<< Home

links

Net Manager Blog
Cockatiel Lair

cNet News
eWeek
cNet
InterNet Week
Network World
Information Week
Security Focus
SANS InfoSec Reading Room
CERT
SlashDot
GrokLaw
NewsForge
LWN.net
Linux Journal
Linux Today
Linux Gazette
The Register

Internet Storm Center
DShield
Internet Health Report
Global Instability
SamSpade DNSBLomatic
Virus Encyclopedia
Symantec Anti-Virus
TMS - Symantec
McAfee
Sophos Top Ten

Security Tracker
Hacker Toolkit
Security-Forums
PacketStorm
Phrack
Astalavista
Interhack
RootKits
Knoppix
Knoopix STD

News Links

CNN Online
MSNBC News
CBS News
ABC News
FOX News
USA Today
The Miami Herald
The Washington Post
The New York Times
BBC News
The Guardian
Canada's CBC
Austraila's ABC

Blog Links

IT Blogs
Just Another Geeks Blog
The Lost Olive
CyberCrime Archives
DataCom Guy
One Man I.T.
Geek Style
Pete's Perfect World
TechDirt