[VOIPSEC] Any solution to the SIP Digest Leakage vulnerability?

Sandro Gauci publists at enablesecurity.com
Sat Apr 4 07:24:04 EDT 2009


Hi all,

I'm sure some of you have already read about the research that I was
working on. To summarize, there's a security flaw that affects a large
number of IP Phones and other SIP endpoints. I'm interested in having
discussing the sort of solutions that would address this issue.

If you are not familiar with what I'm talking about please read the
following document
(skip to the section "Understanding the attack" if you're in a hurry) :
http://enablesecurity.com/resources/how-to-exploit-the-sip-digest-leak-vulnerability-by-using-voippack/

The VOIPSA blog also covered this briefly:
http://voipsa.org/blog/2009/03/31/tricking-sip-endpoints-into-divulging-authentication-credentials/

Solutions might include changes in software and firmware,
infrastructural changes etc.

As for a technical solution, at this point I think that SIP endpoints
should check the IP address of the destination that they are sending a
challenge response to and make decisions based on that. Do you see
this as being an effective solution, any downsides?


Regards,

Sandro Gauci
Chief Consultant and Founder of EnableSecurity
Email: sandro at enablesecurity.com
Web: http://enablesecurity.com/
PGP: 514D B10C 8C3C 15BB 2EFD  49EC 7CCD 73C5 0295 F23B




More information about the Voipsec mailing list