Sipera Viper Lab Identifies SIP Vulnerabilities That Threaten VoIP

After two years in stealth mode, reviewing, cataloging and analyzing VoIP and SIP vulnerabilities, Sipera VIPER Lab (cool name by the way, since I drive a Viper myself - photo to right ) today released at CTIA several threat advisories for WiFi/dual mode telephones from vendors including RIM, HTC, Samsung, Dell and D-Link. Sipera VIPER Lab also released information about a number of SIP vulnerabilities. These vulnerabilities can disable phones calling features, disconnect calls, and freeze phones, causing significant enterprise communications disruptions.

According to Sipera, they proactively identify VoIP threats through its Sipera VIPER Lab, which is comprised of experienced VoIP application developers, architects, and engineers, operating 24/7/365 from Richardson, Texas, and Hyderabad, India. The VIPER Lab researchers identify new vulnerabilities and potential exploits in VoIP protocols, VoIP equipment and phones. They also scan web sites, blogs, discussion groups, and media outlets for evidence of known, suspected and new VoIP vulnerabilities and attacks. These vulnerabilities are posted at http://www.sipera.com/viper as a service to Sipera's customers and the general public. Sipera VIPER Lab follows a disclosure policy which notifies equipment vendors, in advance, of the potential vulnerabilities and works with each of these vendors to publish a response/fix or identify other solutions to these security issues.

"VoIP security is just beginning to get more attention now that VoIP adoption has reached a tipping point in the last year. It is refreshing to see Sipera's launch of VIPER Lab that will assuredly help promote and advance the state of VoIP security research and help raise the overall awareness of VoIP threats and corresponding best practices," said David Endler, chairman of the Voice over IP Security Alliance (VOIPSA), an industry consortium created to drive adoption of VoIP by promoting the current state of VoIP security research, VoIP security education and awareness, and free VoIP testing methodologies and tools.

The major threat advisories issued today that affect WiFi/dual-mode phones include:
-- A format string vulnerability in RIM Blackberry 7270 SIP stack may
allow a remote attacker to disable the phone's calling features (VIPER-
2007-023).
-- HTC HyTN using AGEPhone is vulnerable to malformed SIP messages sent
over WLAN connections, which may cause active calls to disconnect
(VIPER-2007-0026).
-- A buffer overflow vulnerability in Samsung SCH-i730 phones running
SJPhone SIP Client may allow an attacker to disable the phone and slow
down the operating system (VIPER-2007-0029).
-- Dell Axim running SJPhone SIP soft phone is vulnerable to denial of
service attacks, which can freeze the phone and drain the battery
(VIPER-2007-0030).
-- A vulnerability in the SDP parsing module of D-Link DPH-540/DPH-541
WiFi phones may allow remote attackers to disable the phone's calling
features (VIPER-2007-031).

For additional details on these vulnerabilities or to see the complete list, visit http://www.sipera.com/viper.