In association with heise online

21 November 2007, 12:35

Security Update for Alcatel OmniPCX telephone system software

A vulnerability in Alcatel's OmniPCX Enterprise VoIP software could be used to play a telephone prank on someone. A specially crafted TFTP request to the signalling server can cause a victim's telephone to work in one direction only. The TFTP packet must contain the MAC address of the victim's phone; a MAC address is very easy to change, for example under Linux.

Even though the compromised phone can still make or take calls, and the other party can still hear the caller, the caller himself is prevented from hearing anything said at the other end of the communication. Instead, the system reroutes the audio stream to the attacker's computer. The vulnerability does not, of course, mean that conversations can be intercepted, since attackers can only hear the answers from the other party and not a complete conversation.

Alcatel OmniPCX Enterprise releases 7.1 and earlier are affected. The problem does not occur with version 8.0. Although the problem can be fixed simply by manually rebooting the affected phone, the manufacturer has decided to provide an update for the vulnerable server versions.
