VoIP Vulnerabilities Unveiled at Black Hat
Jim Carr writes on SC Magazine Online:
VoIP phone systems, relying on so-called "soft phone" software, may have thousands of potential vulnerabilities, researchers at Sipera Systems said at the annual Black Hat conference this week in Las Vegas.More here.
Sipera revealed a technique that allowed researchers to take remote control of a PC running VoIP and the Session Initiation Protocol (SIP).
SIP is an application-layer control protocol used to create, modify and terminate sessions in IP PBX s, VoIP and other technologies.
The company's VIPER Lab research unit was able to take command of a PC running a soft phone VoIP application and cross boundaries into the data stored on the system. It did so by injecting a buffer overflow with an executable during an SIP-initiated call, according to Eric Winsborrow, Sipera's chief marketing officer.
0 Comments:
Post a Comment
<< Home