Last Updated: 2009-02-02 16:50:48 UTC
by Chris Carboni (Version: 1)
A reader writes in:
HTTP scans have started to include a TRIXBOX (trixbox.org) vulnerability. Tribox is a modified implementation of the asterisk product focused at commercial enterprises. It combines asterisk with some Cisco monitoring features. It appears attackers are focusing on the cisco DOMIT RSS feature.
xx.xx.xxx.xxx - - [31/Jan/2009:00:58:15 -1000] "GET /cisco/services/rss/DOMIT/