Multiple security vulnerabilities have been disclosed in softphone software from Linphone and MicroSIP that could be exploited by an unauthenticated remote adversary to crash the client and even extract sensitive information like password hashes by simply making a malicious call. The vulnerabilities, which were discovered by Moritz Abrell of German pen-testing firm SySS GmbH, have since been Continue reading...
