Hello, Discovered a vulnerability that allows for hundreds of thousands of SIP accounts to be compromised remotely.
Found a year ago, partial vendor fixes but still vuln as of today, disclosed a few hours ago exclusively to the FreeSWITCH community - 23rd Oct 2013. Live disclosure can be seen here; http://www.youtube.com/watch?v=raXkHi_uGF8 Slides are here; https://www.dropbox.com/s/hp5fj7e7o1mdnyt/Auto%20provisioning%20sucks.pptx Cal
