[VOIPSEC] maybe vulnerability at sjphone
Sharon Laiv
sharon.laiv at yahoo.com
Mon Dec 3 09:55:23 CST 2007
hi all,
I just did the following experiment:
I did a regular SIP call between 2 SJPhones (latest release), lets say from IP A to IP B.
While in a call, I stopped sending RTP from B to A.
Then I started sending RTP from C to A (C is not known to A and was no part of the signaling at all...).
as a result, A started to get and render the RTP stream from C and changed it's RTP stream to C!!!
So without no difficulty I I have stolen the strem from A to B....
( I guess this is a symmetric RTP like feature that is aimed to help the crossing of NATs)
any comments?
Thanks,
Sharon
____________________________________________________________________________________
Get easy, one-click access to your favorites.
Make Yahoo! your homepage.
http://www.yahoo.com/r/hs
More information about the Voipsec
mailing list