Unsure why some of these vendors don't join this list. One of my clients who is an Allworx reseller, passed on the advisory. www.infiltrated.net/Allworx_Service_Bulletin_Security_Advisory.pdf I may (from the security standpoint) switch things up this year (vendors on this list beware). There are so many vulnerabilities that have yet to be addressed and although I am often torn about "disclosure," I WILL GO OUT on a whim and say Allworx knew this was an issue, and likely brushed it off as it was not reported. So back to my "switching things up", to those vendors on this list, I suggest you go back to your security queues and get things in order. In these days and times, its darn right absurd for backdoor accounts, and letting security issues linger for years. -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM "Where ignorance is our master, there is no possibility of real peace" - Dalai Lama 42B0 5A53 6505 6638 44BB 3943 2BF7 D83F 210A 95AF http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF