Linksys SPA941 \377 Character Denial of Service Vulnerability
BID:23619
Info
Linksys SPA941 \377 Character Denial of Service Vulnerability
| Bugtraq ID: | 23619 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 24 2007 12:00AM |
| Updated: | Apr 24 2007 05:10PM |
| Credit: | Madynes research team at INRIA is credited with the discovery of this vulnerability. |
| Vulnerable: |
Linksys SPA941 VoIP Phone 0 |
| Not Vulnerable: | |
Discussion
Linksys SPA941 \377 Character Denial of Service Vulnerability
Linksys SPA941 phones are prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to cause the device to reboot, effectively denying service to legitimate users.
Linksys SPA941 phones are prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to cause the device to reboot, effectively denying service to legitimate users.
Exploit / POC
Linksys SPA941 \377 Character Denial of Service Vulnerability
The following proofs of concept are available:
The following proofs of concept are available:
Solution / Fix
Linksys SPA941 \377 Character Denial of Service Vulnerability
Solution:
The vendor has reportedly stated that the issue will be addressed in upcoming firmware releases. Please see the vendor references for more information.
Solution:
The vendor has reportedly stated that the issue will be addressed in upcoming firmware releases. Please see the vendor references for more information.
References
Linksys SPA941 \377 Character Denial of Service Vulnerability
References:
References:
- Linksys Homepage (Linksys)
- Linksys SPA941 Product Page (Linksys)
- Linksys SPA941 remote DOS with \377 character (MADYNES Security)