[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RPS/APS vulnerability in snom/yealink and others

The video was taken down by the the conference organizer at the
request of a vendor.

It has now been re-uploaded and can be seen here;

The video has been split into two parts due to YouTube HD restrictions.

Enjoy and apologies for the delay in getting this fixed


On Wed, Oct 23, 2013 at 11:10 PM, Cal Leeming [Simplicity Media Ltd]
<cal.leeming@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> Hello,
> Discovered a vulnerability that allows for hundreds of thousands of
> SIP accounts to be compromised remotely.
> Found a year ago, partial vendor fixes but still vuln as of today,
> disclosed a few hours ago exclusively to the FreeSWITCH community -
> 23rd Oct 2013.
> Live disclosure can be seen here;
> http://www.youtube.com/watch?v=raXkHi_uGF8
> Slides are here;
> https://www.dropbox.com/s/hp5fj7e7o1mdnyt/Auto%20provisioning%20sucks.pptx
> Cal