News

Dual-mode WiFi phones: security threat to corporate IT?

by Guy J Kewney | posted on 30 March 2007

"VoIP security is just beginning to get more attention now that VoIP
adoption has reached a tipping point in the last year," claims David Endler, chairman of the Voice over IP Security Alliance (VOIPSA).

Endler was endorsing an announcement by Sipera VIPER Lab, operated by Sipera Systems, of nine threat advisories for WiFi/dual mode telephones from vendors including RIM, HTC, Samsung, Dell and D-Link.

Sipera said: "Dual-mode phones are used to automatically switch between WiFi and cellular networks, thus providing lower costs, improved connectivity and a rich set of converged services utilizing protocols including SIP. However, these protocols also expose enterprise and service provider networks to new VoIP security issues. Left unchecked, these can be exploited by hackers, malicious users and spammers," the announcement concluded.

The full text of the Sipera announcement points to a complete list of vulnerabilities to corporate IT networks.

The major threat advisories issued today that affect WiFi/dual-mode
phones include:

A format string vulnerability in RIM Blackberry 7270 [illustrated, above left] SIP stack may allow a remote attacker to disable the phone's calling features (VIPER- 2007-023).

HTC HyTN using AGEPhone is vulnerable to malformed SIP messages sent over WLAN connections, which may cause active calls to disconnect (VIPER-2007-0026).

A buffer overflow vulnerability in Samsung SCH-i730 phones running SJPhone SIP Client may allow an attacker to disable the phone and slow down the operating system (VIPER-2007-0029).

Dell Axim running SJPhone SIP soft phone is vulnerable to denial of service attacks, which can freeze the phone and drain the battery (VIPER-2007-0030).

A vulnerability in the SDP parsing module of D-Link DPH-540/DPH-541 WiFi phones may allow remote attackers to disable the phone's calling features (VIPER-2007-031).