VoIP Protection Vulnerabilities
These Pages Is Designed to Record Stability Vulnerabilities Which Have Been Openly Revealed in VoIP Services and Products and Also the Deal with when available.Cisco 7920 (vxworks wdb).
Hitachi Wireless IP5000
Inch ) Even the Hitachi VOIP wi fi mobile hand set comes with an default administrator password of”0000″ the consumer moves as a way to obtain administrator acts once programming the hand set by way of the bodily keys. This password seems to be more hard coded and poses a more physiological vulnerability. When an attacker may physically get into the cell telephone (borrow, cellphone rental case, theft, etc.. ) the attacker may endure painful and sensitive info and also alter the telephone configuration (vxworks wdb).
There seems that there is no work around for this particular vulnerability.
Two ) inappropriate facts Identification: Your HTTP daemon default indicator page reveals what the gadget is currently (Hitachi IP5000 cellphone ), both the telephone computer software variants, telephone MAC address, IP routing and address advice. A person could utilize this to detect fast that which the unit is and then see whether you will find any affiliated vulnerabilities. In addition, the disclosure of this mobile’s routing/gateway facts could give an attacker using advice to get a DoS attack (vxworks wdb). A person doesn’t have to authenticate the device to acquire such advice in the indicator webpage.
Work around would be to disable the HTTP server by way of your telephone physical port or from the HTTP user interface.
3). Web host default option setup doesn’t need qualifications to authenticate. This enables an individual to get any one of the assorted configuration pages of their telephone, modifying the telephone setup, etc.. Work around would be to disable the HTTP server by way of your telephone physical port or from the HTTP user interface (vxworks wdb). The device user can also decide on a password by means of the HTTP user interface. Be aware the password collection page doesn’t need the prior password (a attacker may lock a user in the event the password isn’t established ), nor does this necessitate the password to be input double (in order to steer clear of fat-fingering).
4)Even the Hitachi IP5000 VOIP WIFI mobile phone SNMP v1/v2c daemon enables tabbed accessibility into this device’s SNMP configuration working with almost any qualifications (vxworks wdb). A person could use this vulnerability to obtain your device’s SNMP settings, most likely reading/writing/erasing painful and sensitive info.
There looks like no work around because it looks like the SNMP daemon could be handicapped, nor will the SNMP daemon read/write strings be changed from the telephone consumer.
5)Even the Hitachi IP5000 mobile includes a undocumented open interface, TCP/3390, which offers an unauthenticated attacker entry into this Unidata Shell generated up on link (vxworks wdb). This will enable an individual to gain access to sensitive info and also potentially affect the mobile’s surgeries at A-dos.
Like a work around, there seems that there is no method to disable this specific interface along with services, therefore no work around looks potential.
This port may make it possible for an attacker unauthenticated accessibility into the telephone OS, most likely inventing painful and sensitive info, producing possibilities for DoS, (vxworks wdb) etc.. Additionally, there Seems That There Is No workaround to using this spacious vent
ZyXEL Prestige 2000W
Inch ) Even the Zyxel P2000W v.inch VOIP wi fi cell phone has an undocumented port, UDP/9090, that offers an unauthenticated attacker information regarding the phone, specifically the device’s MAC address and software variant is based up on link, (vxworks wdb). A person could use this vulnerability to readily recognize your telephone and pc software edition. There seems that there is no work around with this particular situation.
Two ) The Zyxel P2000W v.inch VOIP wi fi mobile employs hard coded DNS servers positioned in Taiwan to your mobile’s DNS configuration, (vxworks wdb). Principal DNS ip address is currently 184.108.40.206 solving to dns.hinet.net. Secondary DNS ip address is currently 220.127.116.11 solving to dns.seed.net.tw
This setup puts just about every ZyXel mobile phone working with this program in danger of accidental DoS in the event the DNS servers at Taiwan turn out to be inaccessible, (vxworks wdb). In case the DNS servers have been compromised, then all of Zyxel mobile end users globally are exposed to becoming re directed to malicious SIP servers. To get a short-term work around users may manually enter the ip of the famous, reputable DNS server by way of the computer keyboard at every telephone launch once configured for DHCP or even PPOE, but this isn’t going to last as soon as the device is terminated.
My Country Mobile F1000
Inch ) My Country Mobile F1000 SNMP daemon default credentials lets an individual using this device’s SNMP daemon to learn on the device’s SNMP configuration, (vxworks wdb). This may result in painful and sensitive data disclosure. Additionally, that the daemon’s read/write qualifications can’t be improved, nor will the daemon be handicapped by way of the device’s physical port (i.e. by way of keypad entered ). Throughout screening, the SNMP daemon appeared always perish when linking by means of Snmpwalk, necessitating dialing the telephone as a way to displace SNMP services.
Two ) The mobile’s rlogin interface TCP/513 is listening and demands no more authentication. A person connecting to the telephone using telnet/netcat is lost to a casing with no log in, (vxworks wdb). The casing gives an attacker complete accessibility to the Vxworks OS, for example debugging, immediate memory dumping/injection, monitoring apparatus, network and user setup data files, enable/disable/restart products and services and distant lock.
Additionally, there seems that there is no work around because the assistance might be disabled, nor will authentication into rlogin be empowered.
All these issues had been identified about My Country Mobile ‘s s2.0 applications release that was issued in April 2005. These certainly were documented to My Country Mobile at June 2005 and also all items recorded right here were adjusted from the August 2005 3.1s-t program discharge, (vxworks wdb). Present firmware in the Right Time of composing is currently 3.60st.
VoIP Stability Consultants — even Consultants who provide different safety solutions (vxworks wdb)
VOIP Consultants — even VoIP Consultants who can Offer security referrals or services beyond their Principal Field of company (vxworks wdb)
VoIP Stability Coaching — Stability Coaching Companies
VOIP Stability — VoIP Stability Facts (vxworks wdb)
VoIP Protection Vulnerabilities — Stability Vulnerabilities which were disclosed in VoIP merchandise
VoIP Protection Forum — Forum devoted to VoIP security problems (vxworks wdb)