Vonage VoIP Multiple Security Vulnerabilities
BID:26129
Info
Vonage VoIP Multiple Security Vulnerabilities
| Bugtraq ID: | 26129 |
| Class: | Unknown |
| CVE: |
CVE-2007-5791 CVE-2007-5792 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 24 2007 12:00AM |
| Updated: | Nov 15 2007 12:37AM |
| Credit: | Sipera VIPER Lab is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Motorola Phone Adaptor VT 2142-VD 0 |
| Not Vulnerable: | |
Discussion
Vonage VoIP Multiple Security Vulnerabilities
Vonage VoIP products and services are prone to multiple security vulnerabilities.
Successful exploits of these vulnerabilities could allow attackers to masquerade as legitimate users, steal authentication credentials, launch denial-of-service attacks, or eavesdrop on private conversations. Other attacks are also possible.
Vonage VoIP products and services are prone to multiple security vulnerabilities.
Successful exploits of these vulnerabilities could allow attackers to masquerade as legitimate users, steal authentication credentials, launch denial-of-service attacks, or eavesdrop on private conversations. Other attacks are also possible.
Exploit / POC
Vonage VoIP Multiple Security Vulnerabilities
An attacker can use readily available network tools to exploit these issues.
An attacker can use readily available network tools to exploit these issues.
Solution / Fix
Vonage VoIP Multiple Security Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Vonage VoIP Multiple Security Vulnerabilities
References:
References:
- VIPER-2007-050 Vonage VoIP phone adapter vulnerable to server impersonation (Sipera VIPER Lab)
- VIPER-2007-051 Vonage SIP servers vulnerable to registration replay attack (Sipera VIPER Lab)
- VIPER-2007-052 Vonage voice conversation may be vulnerable to eavesdropping (Sipera VIPER Lab)
- VIPER-2007-053 Vonage VoIP phone adapter vulnerable to flood Denial of Service a (Sipera VIPER Lab)
- Vonage Homepage (Vonage)