|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Tue Jun 26 2007 - 18:17:10 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----------------------------------------------------------------------
Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now
available:
http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,000 different Windows applications.
----------------------------------------------------------------------
TITLE:
Avaya 4602SW SIP Phone Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA25747
VERIFY ADVISORY:
http://secunia.com/advisories/25747/
CRITICAL:
Moderately critical
IMPACT:
Hijacking, Security Bypass, DoS
WHERE:
From remote
REVISION:
1.4 originally posted 2007-06-20
OPERATING SYSTEM:
Avaya 4602SW SIP Phone (Model 4602SWDOA2)
http://secunia.com/product/14561/
DESCRIPTION:
Sipera VIPER Lab has reported some weaknesses and a vulnerability in
Avaya 4602SW SIP Phone, which can be exploited by malicious people to
hijack calls, bypass certain security restrictions, or cause a DoS
(Denial of Service).
1) A constant media port number is used for every new call, which can
be exploited to e.g. degrade the voice quality by flooding the RTP
port.
2) An unspecified error can be exploited to cause the phone to reboot
or be temporarily disabled (e.g. cannot make or receive calls) via
flooding port 68/UDP.
3) Arbitrary SIP INVITE requests are accepted, which allows an
attacker to send messages directly to the phone.
4) The cnonce parameter in the Authorization header of SIP requests
is not used and can be exploited to hijack the call.
The vulnerability and weaknesses affect version 2.2.2 and prior of
the SIP firmware.
SOLUTION:
No fix is currently available.
PROVIDED AND/OR DISCOVERED BY:
Sipera VIPER Lab
CHANGELOG:
2007-06-22: Added CVE reference.
ORIGINAL ADVISORY:
Avaya:
http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm
Sipera VIPER Lab:
http://www.sipera.com/index.php?action=resources,threat_advisory&tid=302&
http://www.sipera.com/index.php?action=resources,threat_advisory&tid=301&
http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&
http://www.sipera.com/index.php?action=resources,threat_advisory&tid=299&
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]