VoIP phone phreaked by security hole - Network World

Skip Links

DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Security

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library.  Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Audio

Crackin' the Kraken bot. Listen now!

Network World's Newsmaker of the Week

Wireless dangers at airports. Listen now!

Network World Panorama

Additional Resources

RSS

FEATURED REPORTS

Executive Guide: Storage Heats Up HP

Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.

RSS

FEATURED WEBCASTS

Reduce the Complexity and Cost of Windows Server Consolidation in Six Modules Novell

Watch this webcast to learn in six modules how to more cost effectively consolidate your Windows servers with virtualization. This unique program allows you to pick and choose which of the six modules you would like to view or watch the entire webcast at once. Topics covered: Performance, Use Cases, Enterprise-level Support, Managing Windows Workloads, Setup and Configuration and The Future. Find out how you can simplify server consolidation within your organization today. Register below to learn more and be entered to win an Archos 605 Portable Media Player.

IT Buyer's Guides

View All Buyer's Guides

Free Newsletters

Sign up and receive the latest news, reviews and trends on your favorite technology topics

Save The Date!
What They Are Saying

Most Westerners don't realize that most Chinese don't care about censorship, or even approve of it. There...- Anonymous

Join the Discussion

VoIP phone phreaked by security hole

By John E. Dunn , TechWorld , 02/12/2008
  • Social Web 
  • Email 
  • Feedback 
  • Close

Researchers have discovered a serious vulnerability in the Web interface used to control a commonly-found VoIP phone, SNOM Technology's model 320.

Attackers need the IP address of the phone being targeted to start the attack, but assuming they have this they can use a cross-site scripting approach to hack the phone's built-in management interface, allowing a range of unwelcome activities.

These include stealing or tampering with phone logs and address book, calling third parties (while appearing to be located at the hacked handset), changing the phone's text display, and even monitoring conversations in the room in which the phone sits without the victim being aware that it is happening. Any calls made from the 'phreaked' handset would be at the owner's expense.

The outfit that uncovered the issue -- GNUCitizen -- has posted proof-of-concept code. German company SNOM has been informed, a GNU spokesperson said, but the company had not responded or given an indication of a likely timescale for patching.

"By crafting a XSS-CSRF vector he/she can inject a persistent XSS into the address book. When the victim visits the phone book, the XSS worm is silently executed and the attacker gains a total control over the interface and the actions that will be performed in the future. This also circumvents any protection mechanisms like VPN or comparable network layers," the GNU Citizen blog claims.

"I've tried to patch the phone with the latest firmware but that didn't work - the phone was temporarily disabled after the process and when it began responding again the firmware version was still the same."

SNOM was asked for comment but had not replied at the time of going to press.

GNUCitizen, which describes itself as an "ethical hacker outfit", has some form in finding embarrassing bugs in hardware. Only last month, the group humbled the mighty BT by finding an authentication hole in the VoIP element of the BT Home Hub broadband gateway.

VoIP security tends to be ignored because it has yet reach mainstream levels of penetration, but many experts have warned that the technology is in danger if turning the humble home or business telephone into a new class of vulnerable device (Compare VoIP Security products).

No surprise that the sector is in the rise. This week saw the creation of a new U.K. company, UM Labs , which plans to start selling a range of security gateways to secure the VoIP traffic in and out of a network. The latest SNOM issue affects the device itself and would not necessarily be protected by such systems. As with other areas of the tech industry, VoIP handset makers could find themselves having to update and patch products as do the makers of every other type of network equipment.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.
First Name
Last Name
E-mail
Zip Code