← volver
CVE-2009-5139

CVE-2009-5139

EPSS 0.4%
The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://resources.enablesecurity.com/resources/sipdigestleak-tut.pdfhttp://voipsa.org/pipermail/voipsec_voipsa.org/2009-April/002946.html