<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP

Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP

From: Florian Weimer <fw_at_deneb.enyo.de>
Date: Tue, 17 Feb 2004 22:32:10 +0100

3APA3A wrote:

> ASN.1 is used by many services, but all use different underlying
> protocols. It's not likely NetMeeting or MS ISA server to be primary
> attack targets. Attack against MS IPSec implementation, Exchange,
> SMB/CIFS, RPC services, IIS and specially IE will no have impact to VoIP
> infrastructure (except connectivity degradation because of massive
> traffic).

I wish your assessment were true, but it's not. Cisco Call Manager is
based on Windows, and Cisco still has to certify the patches Microsoft
released.

It's sad that Microsoft apparently hasn't used those six months to
properly coordinate the issue with OEM vendors.
Received on Feb 18 2004

This message: [ Message body ]
Next message: intuit e.b.: "Smallftpd 1.0.3 DoS"
Previous message: Thomas M. Payerle: "Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS"
In reply to: 3APA3A: "Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP"
Next in thread: 3APA3A: "Re[2]: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP"
Reply: 3APA3A: "Re[2]: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]