From: Travis Potter (TPotter@SecureIntegrations.com)
Date: Tue Jan 13 2004 - 19:20:30 EST
It's better to use intelligent Fax Boards by Brooktrout or Dialogic to
control this Phase A(handshake) and Phase B(data transmission) portions
of communication at the firmware level as opposed to a modem with all
init and "at" strings commonly known that may or may not be vulnerable.
-----Original Message-----
From: Maarten [mailto:maartenh@phreaker.net]
Sent: Tuesday, January 13, 2004 12:49 PM
To: pen-test@securityfocus.com
Subject: potential fax server security issues?
Hi,
I was wondering if any of you has experience in testing fax servers. I
am looking for some insides on potential vulnerabilities on the modem
side of a fax server. Could an attacker for instance (potentially):
- Discover the fax server using a war dialler (yes)
- Connect to the fax server using his modem (yes)
- Initiate some kind of overflow on the fax server software after the
modem connection has been established, gaining a shell on the system????
Has anyone been looking into this kind of stuff? Am I being overly
paranoid at this point?
thanks!
Maarten
------------------------------------------------------------------------
--- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:45 EDT