Re: Cisco IP Phone vulnerability
alessandro salvatori <sandr8 <at> gmail.com>
2007-04-01 04:07:39 GMT
Hey it is still March 31st in CA!
A l e s s a n d r o
S a l v a t o r i
On 3/31/07, J. Oquendo <sil <at> infiltrated.net> wrote:
> -----BEGIN LSD SIGNED MESSAGE-----
> Infiltrated.net Security Advisory:
> Cisco IP Phone Denial of Service
> Revision 6.9
> For Public Release
> The Cisco IP Phones are subject to a denial of
> This vulnerability has not yet been documented
> by Cisco but it should be allocated the bug ID
> 31337 by staff <at> PSIRT
> This advisory will be posted at
> Affected Products
> All Cisco IP Phones
> Proof of Concept
> Cisco Security Procedures
> Complete information on reporting security
> vulnerabilities in Cisco products, obtaining
> assistance with security incidents, and
> registering to receive security information from
> Cisco, is available on Cisco's website at
> All Cisco security advisories are available at
> Cisco IP Phones are subject to a denial of service.
> Users who disconnect their ethernet cables will
> lose their dial tones and their present call will
> drop as well as subsequent incoming calls.
> While the attack may be local at present time,
> security engineers Infiltrated Networks (a division
> of Fscker Inc. with no relation to Halliburton)
> are devising telekinetic attacks along with Miss
> Cleo in order to provide a working disconnection
> attack tool.
> All your phone sex belongs to null 0
> Software Versions and Fixes
> The only fix is to plug your phone back into a PoE
> switch or plug in its power cord.
> Obtaining Fixed Software
> Infiltrated Networks and Fscker Inc. is offering
> its services at the low price of $1000.00 an hour
> in consulting fees to remedy this attack, with a
> 100 hour minimum retainer fee. In fact, for those
> seeking to purchase a PoC code of the mentioned
> vulnerability, contact us, we'll gladly take your
> milk money.
> Don't unplug your phone. Don't unplug your PoE
> switches. Don't live in areas where electricity
> is sporadic. Don't play with matches, and don't
> drive while under the influence of anything that
> is currently mentioned at http://www.bumwine.com
> Exploitation and Public Announcements
> Infiltrated.net is not aware of any public
> announcements or malicious use of the
> vulnerability described in this advisory.
> This vulnerability was reported to us
> losers, by another bigger loser who wishes
> to retain his or her anonyminity out of
> fear of obtaining "Michael Lynn Disease"
> where a frivolous denial of service attack
> via litigation will ensue and weaken the
> immune system.
> Status of This Notice: FINAL
> This is a final Infiltrated.net advisory. Although
> we cannot guarantee the accuracy of all statements
> in this notice, we still passed it on to you the
> consumer knowing full well a cease and desist letter
> will be sent and added to our collection. All of the
> facts have however been checked to the best of our
> ability while not under the influence of Prozac,
> Valtrex, Valium, Lithium and lest we forget, weapons
> of mass destruction of which you will not find since
> we have them buried in the secret stash boxes of our
> Nissan, Lexus, WRX, and Cherokee alongside our Glocks.
> Revision History
> Revision 6.9 Initial public release
> This notice is Copyright 2007 by Infiltrated.net.
> This notice may be redistributed freely after the
> release date given at the top of the text,
> provided that redistributed copies are complete
> and unmodified, and include all date and version
> information. Pictures of your fiance, wife,
> girlfriend can be e-mailed to us if said
> individuals did not yet e-mail to us on their
> own. Infiltrated Networks, sil, and our oddball
> affiliates remind those on the security scene to
> keep it real.
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/