The VoIPshield Systems security research group released details of 44 vulnerabilities affecting Voice over IP (VOIP) products from Avaya, Cisco, and Nortel. VoIPshield lists the majority of these vulnerabilities as previously undisclosed to the general public and unpatched. These vulnerabilities include the existence of hard-coded account credentials, denial of service, information disclosure, and arbitrary code execution vulnerabilities. An attacker may exploit some of these vulnerabilities to take complete control of the affected device.
IntelliShield will release vulnerability alerts to address the individual vulnerabilities.
A complete listing of the disclosed vulnerabilities is available at the following link: VoIPshield Systems