Brekeke Documents

Find user guides, developer guides, API references, tutorials, and more!

eNews Archive

  1. eNews Archive
  2. News Top page
  3. Archived News(2008-2018)
    1. 2018
    2. 2017
    3. 2016
    4. 2015
    5. 2014
    6. 2013
    7. 2012
    8. 2011
    9. 2010
    10. 2009
      1. Brekeke Joins Polycom’s Technology Partner Program (12/2009)
      2. Partnering with Consona to bring the best-of-breed Contact Center Solution (11/2009)
      3. Introducing the improved and more affordable Brekeke SIP Server Advanced Edition (10/2009)
      4. Need conversion for TCP-UDP or UDP-TCP? (9/2009)
      5. Free Outlook Click-to-Call application now available (8/2009 -2)
      6. Use Google Voice with Brekeke PBX (8/2009 -1)
      7. Tips from our Developers: Block Unwanted Calls (7/2009)
      8. Get local phone numbers in 9,000 cities in 60 nations (6/2009)
      9. Version 2.3 Standard Release (5/2009)
      10. Redundancy/High Availability SIP Server + Version 2.3 Update (4/2009)
      11. Security Advisory: Vulnerability in Brekeke Products Could allow unauthorized use of phone lines
      12. Version 2.2 Update (Standard) Release (3/2009)
      13. Version 2.3 Now Available | BLF/SCA/Presence Feature Added (2/2009)
      14. High-Performance with enhanced reliability- Brekeke SIP Server Advanced Edition (1/2009)
    11. 2008

Security Advisory: Vulnerability in Brekeke Products Could allow unauthorized use of phone lines

Published: March 11, 2009

The vulnerability affects users who configure their Brekeke server software to allow access without REGISTER and INVITE authentication settings. 

In publicly accessible servers where Brekeke products were installed without authentication settings, malicious guests could potentially use phone lines with public analog line (PSTN) connections to execute unauthorized outgoing calls. 

[Affected Products]
OnDO SIP Server
OnDO PBX
Brekeke SIP Server (v2.2.7.6 or earlier)
Brekeke PBX (v2.2.7.6 or earlier)

[Solutions]
Add following settings described at the below link at Brekeke products:
http://wiki.brekeke.com/wiki/Security

[Recommendation]
For the users who use OnDO SIP Server and OnDO PBX, we strongly recommend upgrading to the latest Brekeke SIP Server or Brekeke PBX. Our current product line offers higher security protection and reliability. We offer upgrade discounts for commercial license holders. To request an upgrade, please send an inquiry from the link below:
http://www.brekeke.com/buy/buy_upgrade.php

Yes No
« Redundancy/High Availability SIP Server + Version 2.3 Update (4/2009)Version 2.2 Update (Standard) Release (3/2009) »
Suggest Edit