WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
BID:25300
Info
WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
| Bugtraq ID: | 25300 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-4366 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 13 2007 12:00AM |
| Updated: | May 07 2015 05:36PM |
| Credit: | Zwell is credited with discovering this issue. |
| Vulnerable: |
Wengo WengoPhone 2.1 |
| Not Vulnerable: | |
Discussion
WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
WengoPhone is prone to a denial-of-service vulnerability because the application fails to properly handle malformed data.
Successful exploits can allow remote attackers to crash the application, resulting in denial-of-service conditions.
This issue affects WengoPhone 2.1; other versions may also be affected.
WengoPhone is prone to a denial-of-service vulnerability because the application fails to properly handle malformed data.
Successful exploits can allow remote attackers to crash the application, resulting in denial-of-service conditions.
This issue affects WengoPhone 2.1; other versions may also be affected.
Exploit / POC
WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
The following exploit is available:
The following exploit is available:
Solution / Fix
WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
References:
References: