Security Flaws in Pingtel Phone | eWeek

Security Flaws in Pingtel Phone

Verfasst von
Dennis Fisher
Dennis Fisher
Jul 22, 2002
2 minute read
eWeek Inhalte und Produktempfehlungen sind redaktionell unabhängig. Wir können Geld verdienen, wenn Sie auf Links zu unseren Partnern klicken. Mehr erfahren

Security researchers at @stake Inc. have found more than a dozen vulnerabilities in one of the most popular lines of voice-over-IP phones, some of which have consequences that go beyond the telephony infrastructure.

The researchers gained remote administrative access to Pingtel Corp.s Xpressa SIP (Session Initiation Protocol) PX-1 phones, hijacked calls to and from the handsets, and performed several other attacks as a result of the flaws, according to an advisory the company released last week.

The problems affect phones running Versions 1.2.5 through 1.2.7.4 of Pingtels VxWorks software.

Pingtel, of Woburn, Mass., sells its Java-enabled handsets to service providers and enterprise customers.

The most serious of the vulnerabilities is the result of a combination of two problems, according to the security researchers. The Xpressa phones ship without a password for the administrator account, which carries an unchangeable user name of “admin.” If the password is not set, an attacker with physical access to the phone can easily set the password, giving himself or herself administrative access to the phone.

A remote attacker can perform this same task using the phones Web user management interface.

With that accomplished, the attacker can remotely log in using the phones Telnet server. The Xpressa phone can then be used as “a fully POSIX-compliant network device with storage space, bandwidth and a CPU,” @Stakes advisory says. Having administrative access also gives attackers the opportunity to execute several other attacks.

“I dont think a lot of people building these devices are looking at the security implications of what theyre doing,” said Chris Wysopal, director of research and development at @Stake, in Cambridge, Mass. “These arent difficult attacks. Its just knowing where to look. You dont [need] special tools.”

Pingtel posted to its Web site a document called “Best Practices for Deploying Pingtel Phones” and wrote a detailed response to all the issues the researchers raised. The company recommends that customers upgrade to the 2.0.1 release of VxWorks, which addresses some of the vulnerabilities. “The @Stake advisory was a … fair assessment of our Xpressa IP phones for the most part,” said Steven Guthrie, Pingtels marketing director. “It motivated us to be more explicit about administering the phones. It was valuable to have third-party review, which resulted in positive action on our part. … Having the independent review by security experts was invaluable.”

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Eigentum von TechnologyAdvice. © 2026 TechnologyAdvice. Alle Rechte vorbehalten

Werbetreibenden-Offenlegung: Einige der auf dieser Website erscheinenden Produkte stammen von Unternehmen, von denen TechnologyAdvice eine Vergütung erhält. Diese Vergütung kann beeinflussen, wie und wo Produkte auf dieser Website erscheinen, einschließlich beispielsweise der Reihenfolge, in der sie erscheinen. TechnologyAdvice schließt nicht alle Unternehmen oder alle auf dem Marktplatz verfügbaren Produkttypen ein.