SIP Digest Access Authentication RELAY-ATTACK for Toll-Fraud
In this post, we would like to inform about a potential Authentication
vulnerability
in SIP, where all SIP equipments using Digest Access Authentication
which can issue
re-INVITEs are vulnerable.
The
On Nov 4, 2007 8:45 AM, Radu State [EMAIL PROTECTED] wrote:
P is the proxy located at URL:proxy.org
http://proxy.org X is the attacker located at URL: attacker.lan.org
V is the victim located at URL: victim.lan.org
V is also registered with P under the username