The Madynes research team have published details of a way to steal the Digest Authentication response and be able to perform a relay attack.
This is the post on the Voipsa mailing list.
They published the info in a presentation / slideshow form.
re-INVITE and authentication
Published on Nov 5, 2007 in sip security, caller-id spoofing