Message-ID: <8D8863BB65A02F47A303E5B76661267101147478@exmb1.zonelabs.com>
Date: Tue, 17 Feb 2004 14:29:24 -0800
From: "John LaCour" <jlacour@...elabs.com>
To: "Gadi Evron" <ge@...tistical.reprehensible.net>,
<bugtraq@...urityfocus.com>
Cc: <full-disclosure@...ts.netsys.com>,
"Zak Dechovich" <ZakGroups@...ureol.com>
Subject: RE: ASN.1 telephony critical infrastructure warning - VOIP
> Gadi Evron wrote:
>
> ASN is what VOIP is based on, and thus the critical infrastructure for
> telephony which is based on VOIP.
>
> Zak Dechovich wrote:
>
> > Mail from Zak Dechovich <ZakGroups@...UREOL.COM>
> >
> >
> > ASN1 is mainly used for the telephony infrastructure (VoIP),
> > any code that attacks this infrastructure can be

"ASN.1 is what VoIP is based on" is an overly broad statement.
The ITU H.323 umbrella of protocols uses ASN.1 as the data
encoding method for several of the protocols.

There are many other VoIP signaling protocols which don't
use ASN.1. SIP comes to mind. Most VoIP media is RTP
(RFC 3550), which doesn't use ASN.1 at all.

Particular VoIP implementations that happen to use ASN.1
may or may not use it correctly. Those that have flawed
ASN.1 implementations may or may not be exploitable. If
a given system is exploitable, it's likely that the exploit
will be specific to a certain vendor and/or platform.

IMHO, the possibility of some kind of VoIP worm propagating
by exploiting ASN.1 is highly unlikely.

-John
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html