Dear Florian Weimer, It's different thing. Any infrastructure based on Windows is under risk. But it's not because VoIP uses ASN.1. --Wednesday, February 18, 2004, 12:32:10 AM, you wrote to 3APA3A@SECURITY.NNOV.RU: FW> 3APA3A wrote: >> ASN.1 is used by many services, but all use different underlying >> protocols. It's not likely NetMeeting or MS ISA server to be primary >> attack targets. Attack against MS IPSec implementation, Exchange, >> SMB/CIFS, RPC services, IIS and specially IE will no have impact to VoIP >> infrastructure (except connectivity degradation because of massive >> traffic). FW> I wish your assessment were true, but it's not. Cisco Call Manager is FW> based on Windows, and Cisco still has to certify the patches Microsoft FW> released. FW> It's sad that Microsoft apparently hasn't used those six months to FW> properly coordinate the issue with OEM vendors. -- ~/ZARAZA Ну а теперь, Уильям, хорошенько поразмыслите над данным письмом. (Твен)
