Thomson SpeedTouch 2030 SIP Empty Message Remote Denial of Service Vulnerability
BID:25464
Info
Thomson SpeedTouch 2030 SIP Empty Message Remote Denial of Service Vulnerability
| Bugtraq ID: | 25464 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 28 2007 12:00AM |
| Updated: | Sep 04 2007 03:31PM |
| Credit: | Humberto J. Abdelnur, Radu State, and Olivier Festor are credited with the discovery of this vulnerability. |
| Vulnerable: |
Thomson SpeedTouch 2030 1.52.1 |
| Not Vulnerable: | |
Discussion
Thomson SpeedTouch 2030 SIP Empty Message Remote Denial of Service Vulnerability
Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages.
Exploiting this issue allows remote attackers to cause the device to stop responding, thus denying service to legitimate users.
Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages.
Exploiting this issue allows remote attackers to cause the device to stop responding, thus denying service to legitimate users.
Exploit / POC
Thomson SpeedTouch 2030 SIP Empty Message Remote Denial of Service Vulnerability
An attacker can exploit this issue by using readily available network utilities.
The following exploit code is available:
An attacker can exploit this issue by using readily available network utilities.
The following exploit code is available:
Solution / Fix
Thomson SpeedTouch 2030 SIP Empty Message Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Thomson SpeedTouch 2030 SIP Empty Message Remote Denial of Service Vulnerability
References:
References:
- Thomson SpeedTouch 2030 Homepage (Thomson)