Hi, i'm not that deep into SIP servers / proxies but as far as i can see gb_bash_shellshock_sip_remote_cmd_exec_vuln.nasl is currently only checking for those vulnerable servers on the UDP SIP port where Kamailio and openSIPS systems are also listening on TCP according to their documentation:
http://www.opensips.org/Documentation/Script-CoreParameters-1-9#toc56 http://kamailio.org/dokuwiki/doku.php/core-cookbook:3.0.x#listen Anyone has any experiences with such systems and could confirm if my observations are correct? Thanks in advance for a reply. _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
