Sign up
 Vonage  

       
 
Vonage Forum Menu

Vonage Forums
Vonage VoIP Forum
mikebrown Posted:
Hello
there, Please
check out -
http://www.vonage-
forum.com/home-wir
ing-installation-g
uide.html
...

In The Forum:
Hard Wiring - Installation
Topic:
Hardwiring in a Rental House
On Oct 24, 2017 at 22:29:48

mikebrown Posted:
Hello, I think
you should consult
it with the Expert
they can surely
help you
...

In The Forum:
Hard Wiring - Installation
Topic:
Hardwiring in a Rental House
On Jun 24, 2017 at 09:15:34

Haniltery Posted:
For wipe call
history also some
of the offline, in
gengral , it
usually apply to
...

In The Forum:
Vonage
Topic:
How to Delete call history from online account?
On May 09, 2017 at 06:14:26

diana87 Posted:
You have to use
VPN service to
bypass
Geo-restrictions
and get free
access while
...

In The Forum:
Vonage
Topic:
Recent calling problem from Egypt
On May 02, 2017 at 17:28:06

dconnor Posted:
What is the main
number on the
account? And
which one is the
virtual number?
...

In The Forum:
Vonage UK
Topic:
How do you call 999
On Apr 27, 2017 at 18:52:02

Trafford Posted:
Seems like a
simple
question. We
rely exclusively
on a Vonage system
for our
...

In The Forum:
Vonage UK
Topic:
How do you call 999
On Apr 27, 2017 at 10:42:50

diazou Posted:
Hello, It's
compatible with
Android your phone
software
? Thanks!
...

In The Forum:
Vonage
Topic:
IP PBX for small business
On Mar 28, 2017 at 12:42:33

jeddaisg Posted:
Hi all We have
a Vonage VOIP
system for our
office. Lately,
our call quality
...

In The Forum:
Vonage
Topic:
Ethernet Cable; Wiring schematic? 568-B?
On Feb 23, 2017 at 18:33:52

beast321 Posted:
I don't know if
you heard, that
many more
Dreamcast games
are opened up
recently.
...

In The Forum:
Fax - Tivo - Alarms
Topic:
Using phone as a dial up modem for Dreamcast Gaming
On Feb 16, 2017 at 03:16:51

Av8rix Posted:
Sorry to start a
new thread on an
old topic but when
I google “Vonage
MAC address
...

In The Forum:
Vonage
Topic:
New adapter and router -- MAC change
On Jan 11, 2017 at 01:07:21


Vonage VoIP Forums

Vonage In The News
Vonage Expands International Presence with Investments in Asia Pacific Region

Vonage to Present at the Oppenheimer 20th Annual Technology, Internet & Communications Conference

Syndication

Vonage Customer Reviews
Salt Lake City: impressions after several months
Salt Lake City: impressions after several months



Review: My First Day With Vonage, Excellent!
Review: My First Day With Vonage, Excellent!



Great Price, No Complaints
Great Price, No Complaints



You need some common sense.
You need some common sense.



Vonage Customer Review: One month with Vonage, and...
Vonage Customer Review: One month with Vonage, and...




Vonage Reviews

Vonage http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038834.html ====================



http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038834.html

===============================================================

VENDOR:
UTStarcom

VENDOR NOTIFIED:
27 June, 2005 via sales at utstarcom.com

VENDOR RESPONSE:
None

PRODUCT:
UTStarcom F1000 Voip WIFI Phone
http://www.utstar.com/Solutions/Handsets/WiFi/

SOFTWARE VERSION:
s2.0
VxWorks (for Hornet VoWifi, ARM946ES (LE)
Factory Firmware) version 5.5.1.
Kernel: WIND version 2.6.
Made on Apr 5 2005, 14:49:39.

A. VULNERABILITY TITLE:
UTStarcom F1000 Voip Wifi phone SNMP daemon has default public read
credentials and the daemon cannot be disabled

VULNERABILITY DETAILS, IMPACT AND WORKAROUND:
UTstarcom F1000 SNMP daemon default public credentials allows an
attacker with access to the phone's SNMP daemon to read the phone's
SNMP configuration. This can lead to sensitive information disclosure.
In addition, the daemon's read/write credentials cannot be changed,
nor can the daemon be disabled via the phone's physical interface
(i.e. via keypad input). During testing, the SNMP daemon appeared
consistently die when connecting via Snmpwalk, requiring rebooting the
phone in order to restore SNMP service.

B. VULNERABILITY TITLE:
UTstarcom F1000 Voip Wifi Phone telnet server has known default
user/password credentials

VULNERABILITY DETAILS, IMPACT AND WORKAROUND:
The phone's operating system is Wind River's Vxworks. Default
credentials for this OS are publically known to be target/password.

By default, the telnet deamon is listening on the phone (TCP port 23)
providing WIFI network access to the phone's OS. Attackers can telnet
to the phone and gain access to the phone's Vxworks OS using the known
default credentials.

Impact is full access to the Vxworks OS, including debugging, direct
memory dumping/injection, read/write device, user and network
configuration files, enable/disable/restart services, remote reboot.
For a workaround, the default login/password can be changed.

C. VULNERABILITY TITLE:
UTstarcom F1000 Voip Wifi Phone rlogin (TCP/513) unauthenticated access

VULNERABILITY DETAILS, IMPACT AND WORKAROUND:
The phone's rlogin port TCP/513 is listening by default and requires
no authentication. An attacker connecting to the phone via
telnet/netcat is dropped into a shell without any login. The shell
provides an attacker full access to the Vxworks OS, including
debugging, direct memory dumping/injection, read/write device, user
and network configuration files, enable/disable/restart services,
remote reboot.

There appears to be no workaround as neither the service can be
disabled, nor can authentication to rlogin be enabled.



Read The Full Thread:

So I assume that the F1000 security issues are now resolved?


Have a look at the complete link: http://secunia.com/advisories/17629/ It

shawnmer posted "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038834.html ====================" on 12/13/2005

Vonage Service Plans


Vonage VoIP Members
Members List Members
New patsykf3
New Today 0
Yesterday 0
Total 101029

Who Is On Site
Visitors 1
Members 0
Total 1


Vonage VoIP Forum Members:
Login Here
Not a Member? You can Register Here
As a registered member you will have access to the VoIP Speed Test, Vonage Service Announcements and post comments in the
Vonage VoIP Forums

Site Search
 






†AK and HI residents pay $29.95 shipping. ††Limited time offer. Valid for residents of the United States (&DC), 18 years or older, who open new accounts. Offer good while supplies last and only on new account activations. One kit per account/household. Offer cannot be combined with any other discounts, promotions or plans and is not applicable to past purchases. Good while supplies last. Allow up to 2 weeks for shipping. Other restrictions may apply.

1Unlimited calling and other services for all residential plans are based on normal residential, personal, non-commercial use. A combination of factors is used to determine abnormal use, including but not limited to: the number of unique numbers called, calls forwarded, minutes used and other factors. Subject to our Reasonable Use Policy and Terms of Service.

2Shipping and activation fees waived with 1-year agreement. An Early Termination Fee (with periodic pro-rated reductions) applies if service is terminated before the end of the first 12 months. Additional restrictions may apply. See Terms of Service for details.

HIGH SPEED INTERNET REQUIRED. †VALID FOR NEW LINES ONLY. RATES EXCLUDE INTERNET SERVICE, SURCHARGES, FEES AND TAXES. DEVICE MAY BE REFURBISHED. If you subscribe to plans with monthly minutes allotments, all call minutes placed from both from your home and registered ExtensionsTM phones will count toward your monthly minutes allotment. ExtensionsTM calls made from mobiles use airtime and may incur surcharges, depending on your mobile plan. Alarms, TTY and other systems may not be compatible. Vonage 911 service operates differently than traditional 911. See www.vonage.com/911 for details.

** Certain call types excluded.

www.vonage-forum.com is not an official Vonage support website & is independently operated.
All logos and trademarks are property of their respective owners. All comments are property of their posters.
All other www.vonage-forum.com content is © Copyright 2002 - 2013 by 4Sight Media LLC.

Thinking of signing up for Vonage but have questions?
Business and Residential customers can call Toll Free 24 hours a day at: 1-888-692-8074
No Vonage Promotion Code or Coupon Codes are required at www.vonage.com to receive any special,
best Vonage cheap deals, free sign up offers or discounts.

[ | | | | | ]

Vonage Forum Site Maps

Vonage | VoIP Forum | How VoIP Works | Wiring and Installation Page Two | International Rate Plans 2 | Internet Phone
Promotion | Vonage Review | VoIP | Broadband Phone | Free Month | Rebate | Vonnage | Vontage | VoIP | Phone Service
Phone | llamadas ilimitadas a Mexico | Latest News | VoIP Acronyms | Deal | Philippines Globe Phone | Site Maps

The Vonage Forum provides the Vonage sign up Best Offer Promotion Deal.
If you are considering signing up for Vonage and have found our Vonage News, Customer Reviews, Forums
& all other parts of this site useful, please use our Vonage Sign up page.


Vonage VoIP Phone Service is redefining communications by offering consumers
& small business VoIP Internet phones, an affordable alternative to traditional phone service.
The Vonage VoIP Forum Generated This Page In: 0.18 Seconds and Pages In The Last 60 Seconds
The Vonage VoIP Forum