OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack"). NOTE: Debian disputes this issue, stating that "having the two URIs mismatch is allowed by the standard and happens in some setups for valid reasons.
References
Configurations
History
21 Nov 2024, 00:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446956 - | |
References | () http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html - | |
References | () http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066691.html - | |
References | () http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066694.html - | |
References | () http://secunia.com/advisories/27204 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/26057 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/37197 - |
07 Nov 2023, 02:01
Type | Values Removed | Values Added |
---|---|---|
Summary | OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack"). NOTE: Debian disputes this issue, stating that "having the two URIs mismatch is allowed by the standard and happens in some setups for valid reasons. |
Information
Published : 2007-10-16 00:17
Updated : 2024-11-21 00:37
NVD link : CVE-2007-5469
Mitre link : CVE-2007-5469
CVE.ORG link : CVE-2007-5469
JSON object : View
Products Affected
openser
- openser
CWE
CWE-264
Permissions, Privileges, and Access Controls