[Kamailio-Devel] [ openser-Feature Requests-2726791 ] check r-r header of reply

Alex Hermann alex at speakup.nl
Thu Apr 2 16:43:32 CEST 2009

On Thursday 02 April 2009, SourceForge.net wrote:
> for security reasons, it should be possible to make kamailio to check, if
> r-r uris of reply match those of request.  if check is not done, uac is
> vulnerable to proxy by-pass attack and nasty things may happen.

That doesn't help very much. This will only detect a malicious UAS, but it 
doesn't do anything to prevent it from bypassing the proxy. If the UAC (or 
UAS) is malicious, it can skip whatever RR-headers it wants.

Alex Hermann

More information about the Devel mailing list