Scanning for Trixbox vulnerabilities - Internet Security

SANS ISC InfoSec Forums

Scanning for Trixbox vulnerabilities
A reader writes in: HTTP scans have started to include a TRIXBOX (trixbox.org) vulnerability. Tribox is a modified implementation of the asterisk product focused at commercial enterprises. It combines asterisk with some Cisco monitoring features. It appears attackers are focusing on the cisco DOMIT RSS feature. xx.xx.xxx.xxx - - [31/Jan/2009:00:58:15 -1000] "GET /cisco/services/rss/DOMIT/ domit_rss/domitBanner.gif HTTP/1.1" 404 26 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"	Chris 140 Posts
Subscribe	Feb 1st 2009 1 decade ago