← voltar
CVE-2009-5139

CVE-2009-5139

EPSS 0.4%
The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://resources.enablesecurity.com/resources/sipdigestleak-tut.pdfhttp://voipsa.org/pipermail/voipsec_voipsa.org/2009-April/002946.html