Media Injection and Manipulation

Popularity:

7

Simplicity:

7

Impact:

8

Risk Rating:

7

This class of transport-level vulnerabilities encompasses a large number of different attacks, targeting both RTP and RTCP protocols. The common characteristic is that an attacker is able to inject rogue packets into a data stream. Depending on the form of RTP/RTCP packets inserted, several outcomes are possible:

• SSRC collisions resulting in interruption of arbitrary conversations

• SSRC manipulation to inject unsolicited arbitrary content inside the legitimate audio stream via higher timestamp and sequence numbers

• CoDec manipulation

• RTCP insertion to degrade the conversation's quality and RTP/RTCP insertion and CoDec manipulation to degrade the conversation's quality

Finally, it may also be possible to force VoIP equipment to effectively perform a media stream flood against an arbitrary target.

This attack can impact on integrity and availability requirements of the CIA paradigm, leading to denial of service and a special kind of call hijacking.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment