[VOIPSEC] VoIPSheild Labs
Dustin D. Trammell
dtrammell at bpointsys.com
Thu Jun 26 18:07:32 EDT 2008
Rather than reiterating my comments from VoIPSheild Labs' first round of
vulnerability advisories again in regard to their latest round of
advisories, I'll just refer everyone to my thoughts from the first
round. The concern I raise in the second paragraph is also applicable
to this round of vulnerability advisories:
http://article.gmane.org/gmane.comp.voip.security.voipsa/2525
One seemingly obvious duplication are all the "Message Storage Server *
Arbitrary Command Execution" advisories. This appears akin to finding a
single vulnerability in a web site's input parser, and then writing a
separate advisory for every single web page on that website that accepts
input.
Another really obvious duplication are all the "Serviceability
Monitoring Tool Unauthenticated Access to * Function" advisories. This
is like finding a device's web management interface is accessible
without authentication, and then writing an advisory for every single
administrative action (payload) you could possibly perform through that
interface.
VoIPSheild, either please stop blatantly duplicating vulnerability
advisories for each input vector or possible payload in order to pad
your numbers, or provide enough detail in the advisories to actually
differentiate the VULNERABILITIES from one another (read: different
attack vectors and payloads do not count) and prove me wrong.
--
Dustin D. Trammell
Security Researcher
BreakingPoint Systems, Inc.
More information about the Voipsec
mailing list