Walt Boyes here, stealing Joe's bully pulpit for a moment.
MU Security just sent me a press release, quoted below.
I submit there is a difference between what this release describes and the infamous Core/Citect incident.
And I further submit that the difference is NOT Citect's absolutely abysmal response.
I was told by my first boss that he didn't want to hear my problems, he wanted to hear my solutions to my problems. That's what I see happening here, and that's what the entire "grey hat" i...
Walt Boyes here, stealing Joe's bully pulpit for a moment.
MU Security just sent me a press release, quoted below.
I submit there is a difference between what this release describes and the infamous Core/Citect incident.
And I further submit that the difference is NOT Citect's absolutely abysmal response.
I was told by my first boss that he didn't want to hear my problems, he wanted to hear my solutions to my problems. That's what I see happening here, and that's what the entire "grey hat" industry has yet to internalize. They are so involved with playing the "gotcha" game they don't understand the very touchy ethics of playing gotcha with critical infrastructure security. MU appears to have gotten that right.
MU DYNAMICS DISCOVERS REMOTE DENIAL OF SERVICE VULNERABILITY IN WIDELY USED VOICE OVER IP ReSIProcate PRODUCT
SUNNYVALE, CA – July 11, 2008 – Mu Dynamics, a pioneer in helping network operators and their vendors eliminate downtime through proactive service assurance, has discovered and helped remediate a new programming flaw in ReSIProcate: A remotely exploitable Denial of Service vulnerability. The ReSIProcate components, particularly the SIP stack, is currently used in several Voice over IP (VoIP) commercial and open-source products. The project exists to maintain a complete, correct, and commercially usable implementation of SIP and a few related protocols.
http://labs.mudynamics.com/advisories.html
Affected Products/Versions: repro SIP proxy/registrar 1.3.2; however any product using the ReSIProcate SIP stack 1.3.2 may also be vulnerable.
http://www.resiprocate.org/ReSIProcate_1.3.2_Release
Product Overview: ReSIProcate is a SIP stack. SIP is a protocol used for session establishment that is widely used to support voice-over-IP telephony. “repro” is a SIP proxy/registrar that uses the ReSIProcate SIP stack. http://www.resiprocate.org/
Vulnerability Details: A malformed INVITE or OPTIONS message to the “repro” SIP proxy/ registrar can crash the process. The crash is caused by an assertion failure that occurs when the domain name in the request line URI is too long.
Vendor Response /Solution: Update to 1.3.3, available from https://www.resiprocate.org/files/pub/reSIProcate/releases/
This bug was also fixed by the ReSIProcate development team in SVN on April 23, 2008 (revision 7628).
History: July 1, 2008 - First contact with vendor
July 1, 2008 - Vendor acknowledges vulnerability
July 3, 2008 - Vendor releases 1.3.3
July 10, 2008 - Advisory released
Mu-4000 vector: *.request-line.line.dsv.uri.body.string.append-overflow
Credit: This vulnerability was discovered by the Mu Dynamics research team.
http://labs.mudynamics.com/pgpkey.txt
Related Content:
Mu VoIP Case Study - http://www.mudynamics.com/assets/docs/voip_case_study.pdf
Mu SIP Page - http://www.mudynamics.com/solutions/next-gen-ip-services/sip.html
Mu DoS Module - http://www.mudynamics.com/products/modules/dos.html
Mu DoS Demonstration - http://www.mudynamics.com/products/demo.html
The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...