02 April 2008

We've been hearing for years that widely-used VoIP systems may hold
large numbers of exploitable vulnerabilities, but a new report isolates
over 100 specific flaws that researchers have found in the applications.

According to VoIPshield Labs -- the research division of VoIPshield,
which markets security software for use in protecting Internet calling
tools -- the issues unearthed in some of the most popular VoIP software packages,
made by companies including Avaya, Cisco and Nortel, represent proof
that such technologies require far more scrutiny by security experts
and business users.

Among the flaws listed in the firm's new database of VoIP security
threats are those that could be used for unauthorized access, code
execution, denial of service or information harvesting attacks.