Thomson SpeedTouch 2030 SIP Invite Message Remote Denial of Service Vulnerability
BID:25446
Info
Thomson SpeedTouch 2030 SIP Invite Message Remote Denial of Service Vulnerability
| Bugtraq ID: | 25446 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-4553 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 27 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | Humberto J. Abdelnur, Radu State, and Olivier Festor are credited with the discovery of this vulnerability. |
| Vulnerable: |
Thomson SpeedTouch 2030 1.52.1 |
| Not Vulnerable: | |
Discussion
Thomson SpeedTouch 2030 SIP Invite Message Remote Denial of Service Vulnerability
Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages.
Exploiting this issue allows remote attackers to cause the device to stop responding, thus denying service to legitimate users.
This issue affects Thomas SpeedTouch 2030 firmware 1.52.1; other versions may also be affected.
Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages.
Exploiting this issue allows remote attackers to cause the device to stop responding, thus denying service to legitimate users.
This issue affects Thomas SpeedTouch 2030 firmware 1.52.1; other versions may also be affected.
Exploit / POC
Thomson SpeedTouch 2030 SIP Invite Message Remote Denial of Service Vulnerability
To exploit this issue, attackers may use readily available network utilities.
The following exploit code is available:
To exploit this issue, attackers may use readily available network utilities.
The following exploit code is available:
Solution / Fix
Thomson SpeedTouch 2030 SIP Invite Message Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Thomson SpeedTouch 2030 SIP Invite Message Remote Denial of Service Vulnerability
References:
References:
- Thomson SpeedTouch 2030 Homepage (Thomson)