Skip to content
cyberexploits
remotewindowstext

PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure

PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure

Published on 2014-04-01

Source code

Pinned to commit 7eac4c3a2ce5
textplatforms/windows/remote/32643.txt7eac4c3a
raw
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



I. Advisory Summary



Title: SIP Digest Leak Information Disclosure in PhonerLite 2.14 SIP Soft Phone

Date Published: March 30, 2014

Vendors contacted: Heiko Sommerfeldt, PhonerLite author

Discovered by: Jason Ostrom

Severity: Medium



II. Vulnerability Scoring Metrics



CVE Reference: CVE-2014-2560

CVSS v2 Base Score: 4.3

CVSS v2 Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Component(s): PhonerLite SIP Soft Phone

Class: Information Disclosure



III. Introduction



PhonerLite [1] is a freeware SIP soft phone client running on the Windows

platform and supporting common VoIP features as well as security

functionality such as SIP TLS, SRTP, and ZRTP.



[1] http://www.phonerlite.de



IV. Vulnerability Description



PhonerLite SIP soft phone version 2.14 is vulnerable to revealing SIP MD5

digest authenticated user credential hash via spoofed SIP INVITE message

sent by a malicious 3rd party. After responding back to an authentication

challenge to the BYE message, PhonerLite leaks the hashed MD5 digest

credentials. After the 3rd party receives the dumped MD5 hash, they can use

this information to mount an offline wordlist attack. This SIP protocol

implementation issue vulnerability was initially discovered by Sandro Gauci

of Enable Security [2], with vendor soft phones and handsets showing

differential success in mitigating this flaw. CVE-IDs have been reserved

for two previous SIP soft phone implementations [3, 4] that were tested as

vulnerable.



[2] https://resources.enablesecurity.com/resources/sipdigestleak-tut.pdf

[3] CVE-ID for Gizmo5 soft phone: CVE-2009-5139

[4] CVE-ID for Linksys SPA2102 adapter: CVE-2009-5140



V. Technical Description / Proof of Concept Code



The following steps can be carried out in duplicating this vulnerability.



Step 1:

Use SIPp protocol tester to craft a SIP INVITE message using TCP transport

and forward the SIP message towards the IP address of the Windows PhonerLite

soft phone, listening on TCP port 5060

Step 2:

PhonerLite user answers call

Step 3:

PhonerLite user hangs up call, since there is no one talking (it is like

dead air)

Step 4:

Attacker receives BYE message from PhonerLite. Immediately after receiving

BYE, attacker sends a 401 challenge SIP message

Step 5:

PhonerLite responds with a second BYE message, containing SIP Authorization

header (which contains MD5 hash / response)

Step 6:

Attacker mounts an offline wordlist attack against the dumped MD5 hash using

sipdump/sipcrack



Additional Notes:

* The vulnerability verification was tested as a malicious 3rd party using

Kali Linux [5] distribution, with all tools included in distro.

* The attacker does not need to know the correct username of PhonerLite

registered SIP user. The attacker only needs to find the IP address of a

PhonerLite endpoint listening on TCP port 5060.

* The attacker does not need to know the digest realm field. A null realm

string of "NULL" or "null" will be sufficient in exploiting the flaw.

* Verified that PhonerLite is not vulnerable to this security flaw when

attacker uses UDP transport instead of TCP



[5] http://kali.org



VIII. Vendor Information, Solutions, and Workarounds



This issue is fixed in PhonerLite version 2.15



Resolution is the following, as specified by the author: A SIP UAC (User

Agent Client) should not send a 401 or 407. In other words, only a UAS

(User Agent Server) should send a 401 or 407 challenge. Therefore, a

401/407 will be dropped by the UAS (PhonerLite) if sent by a malicious 3rd

party UAC.



IX. Credits



This vulnerability has been discovered by:

Jason Ostrom of Stora



XX. Vulnerability History



Sun, 2/16/14: Vulnerability discovered

Wed, 3/12/14: Sent vulnerability disclosure to Heiko Sommerfeldt, info at

phoner.de

Thu, 3/13/14: Notified by author that Beta version has been uploaded, which

should fix problem. Attempted to verify with security testing of Beta 2.15.

Verified that issue has been resolved.

Sun, 3/30/14: Notified by author that fixed version (2.15) has been

uploaded

Sun, 3/30/14: Vulnerability disclosure posted



XXI. Disclaimer



The information contained within this advisory is supplied "as-is" with no

warranties or guarantees of fitness of use or otherwise. Stora accepts no

responsibility for any damage caused by the use or misuse of this

information.



-----BEGIN PGP SIGNATURE-----

Version: Encryption Desktop 10.3.2 (Build 15238)

Charset: us-ascii



wsBVAwUBUzl9EWRzm/FWea0uAQjX8gf/Ts6IWfPbMFeir5PxDrvQ2VWBNCESgODN

GgJQZaj6339ZxIMFC6IYoD4Uvx223igSB+OyYHLmGZOnQoES7Ilj2Or5Afe71Cqe

ExqYe2fTaZeyruWTgmPA296W3EEoT+Cedeyy5k0+sxK4ahKZ2DQgM/WIDDHU3X/B

nAJZWob+r2f2tQr+OBhy7saMEix9QMNeAEZCa+JJ8az9gxe6+AU9kdmwj9hPy+qc

ZDODMOSyvYojfuvE0oy0AyZ1OBWVpI9lSCI6wmUT6ihOpruz3OKQT+e1HyFoBvmX

aafzW7VlbxgS3EQRC25EWj61BYVIy7OpIFfOzymyBnL/qb0PTBmiDA==

=rmxn

-----END PGP SIGNATURE-----
View on GitHub