CVE-2007-5469

Name of the Vulnerable Software and Affected Versions: OpenSER version 1.2.2

Description: The issue allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID, which can lead to toll fraud and authentication forward attacks. This occurs because OpenSER does not verify the Digest authentication header URI against the Request URI in SIP messages. Note that Debian disputes this issue, stating that having the two URIs mismatch is allowed by the standard and happens in some setups for valid reasons.

Recommendations: For OpenSER version 1.2.2, consider implementing additional authentication measures or restrictions to prevent unauthorized access and mitigate the risk of toll fraud and authentication forward attacks. As a temporary workaround, consider restricting access to sensitive SIP messages or implementing additional validation checks for Digest authentication credentials.