Re: RPS/APS vulnerability in snom/yealink and others

From: Cal Leeming [Simplicity Media Ltd] <>
To: bugtraq <>
Subject: Re: RPS/APS vulnerability in snom/yealink and others

The video was taken down by the the conference organizer at the
request of a vendor.

It has now been re-uploaded and can be seen here;

The video has been split into two parts due to YouTube HD restrictions.

Enjoy and apologies for the delay in getting this fixed


On Wed, Oct 23, 2013 at 11:10 PM, Cal Leeming [Simplicity Media Ltd]
<> wrote:
> Hello,
> Discovered a vulnerability that allows for hundreds of thousands of
> SIP accounts to be compromised remotely.
> Found a year ago, partial vendor fixes but still vuln as of today,
> disclosed a few hours ago exclusively to the FreeSWITCH community -
> 23rd Oct 2013.
> Live disclosure can be seen here;
> Slides are here;
> Cal

Copyright © 1995-2019 All rights reserved.