Implementations of Session Initiation Protocol (SIP), an alternative VoIP protocol, can leave VoIP networks open to unauthorized transport of data.
The VoIPSA tools are intended to help businesses test and secure their networks, but these and other online tools can be used to probe for weaknesses as well.
Part of the reason may be that the largest VoIP vendors use proprietary protocols, such as Cisco’s Skinny, Nortel’s Unistim and Avaya’s variant of H.323, Orans says. SIP, which is gaining popularity, is a mixed bag, Orans says, because it is readily available to those who might want to exploit it. These options include firewalls and intrusion-prevention systems that support SIP (compare products).
Another reason for the lack of broad exploits is that there isnt enough ROI for attackers’ development time.
Hybrid PBX systems — which handle both VoIP and TDM voice — account for 64% of all PBX lines sold, according to a December 2007 Infonetics report.
http://www.networkworld.com/news/2007/121707-crystal-ball-voip-vulnerabilities.html