Sipera Viper Labs: Generic Threats

Sipera Viper Labs: Generic Threats http://www.sipera.com/viper Fri, 03 Sep 2010 01:46:52 -0500 ContentFeeder 2.0 Unencrypted RTP vulnerable to capture and reconstruction http://www.sipera.com/index.php?action=resources,threat_advisory&tid=264 RTCP may expose internal IP addresses and private user names across NAT device http://www.sipera.com/index.php?action=resources,threat_advisory&tid=265 Weak SRTP encryption algorithm may be brute-forced to compromise confidentiality of communication http://www.sipera.com/index.php?action=resources,threat_advisory&tid=268 Traffic analysis of RTP source and destination IP addresses may reveal communication pattern http://www.sipera.com/index.php?action=resources,threat_advisory&tid=266 Improper implementation of security mechanism for SRTP may compromise communication confidentiality http://www.sipera.com/index.php?action=resources,threat_advisory&tid=267 RTP sequence number and timestamp can be guessed to inject media packets that may be accepted by receiver as legitimate http://www.sipera.com/index.php?action=resources,threat_advisory&tid=269 RTP packet receivers vulnerable to injected RTP packets with malicious payload types http://www.sipera.com/index.php?action=resources,threat_advisory&tid=270 RTP stream may contain active content which can potentially execute arbitrary operations on the receiver http://www.sipera.com/index.php?action=resources,threat_advisory&tid=271 SIP compliant clients may be vulnerable to transport rollback vulnerability http://www.sipera.com/index.php?action=resources,threat_advisory&tid=178 Insufficient integrity checks on SIP digest authentication messages http://www.sipera.com/index.php?action=resources,threat_advisory&tid=179 Absence of server authentication during SIP digest authentication http://www.sipera.com/index.php?action=resources,threat_advisory&tid=180 Registrar honors replayed authentication parameters http://www.sipera.com/index.php?action=resources,threat_advisory&tid=181 No cross-check performed between username of user requesting authentication and username used in credentials during SIP digest authentication http://www.sipera.com/index.php?action=resources,threat_advisory&tid=182 Some implementations of SIP Proxy may honor replayed authentication credentials http://www.sipera.com/index.php?action=resources,threat_advisory&tid=183 Presence Servers may be vulnerable to overloading of subscriptions by spoofing credentials http://www.sipera.com/index.php?action=resources,threat_advisory&tid=184