Message-ID: <fb0927a80511161248k64dac739i509707bdd51c255e@mail.gmail.com>
Date: Wed Nov 16 20:51:25 2005
From: shawnmer at gmail.com (Shawn Merdinger)
Subject: Senao SI-680H VoIP Wifi phone undocumented open port
I disclosed today the following vulnerability at the 32nd CSI
conference in Washington, D.C.
<https://www.cmpevents.com/CSI32/a.asp?option=G&V=3&id=406438>
Thanks,
Shawn Merdinger
===============================================================
VENDOR:
Senao
VENDOR NOTIFIED:
28 June, 2005
VENDOR RESPONSE:
None
PRODUCT:
Senao SI-680H VOIP WIFI Phone
http://www.senao.com/english/product/product_wired_dsl_1.asp?tp1id=03&tp2id=02&proid=000186
SOFTWARE VERSION:
Current Firmware Version 0.03.0839
Current Firmware Date 2005.04.20
Current BSP Version V 2_2_1/37 Feb 11 2005,12:26:46d
Hardware version 1.7.0
A. VULNERABILITY TITLE:
Senao SI-680H VOIP WIFI phone undocumented open port UDP/17185
VULNERABILITY DETAILS, IMPACT AND WORKAROUND:
1. An undocumented open port, UDP/17185, VxWorks WDB remote debugging
(wdbrpc), is left in from development. This open port may allow an
attacker unauthenticated access to the phone's OS, perhaps yielding
sensitive information, creating opportunities for DoS, etc.
There appears to be no workaround for disabling this open port.
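
Added example, not part of the original advisory: since the port cannot be turned off on the phone, an inventory check for exposed devices is the practical control, and this sketch audits nmap grepable (-oG) output from a UDP scan of your own network for hosts reporting UDP/17185. The sample scan text, host names and addresses are constructed, and the function name audit_wdb_exposure is hypothetical.

```python
import re

WDB_PORT, WDB_PROTO = 17185, "udp"  # port named in the advisory

# Constructed sample of nmap grepable output (documentation-range addresses).
SAMPLE_SCAN = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.0.2.10 (phone-lobby)\tStatus: Up\n"
    "Host: 192.0.2.10 (phone-lobby)\tPorts: 17185/open/udp//wdbrpc///\n"
    "Host: 192.0.2.11 ()\tStatus: Up\n"
    "Host: 192.0.2.11 ()\tPorts: 17185/closed/udp//wdbrpc///\n"
    "Host: 192.0.2.12 ()\tStatus: Up\n"
    "Host: 192.0.2.12 ()\tPorts: 17185/open|filtered/udp//wdbrpc///, "
    "5060/open/udp//sip///\tIgnored State: closed (2)\n"
)

HOST_LINE = re.compile(r"^Host:\s+(\S+)\s+\([^)]*\)\s+Ports:\s+(.*)$")

# UDP scans often cannot tell "open" from "filtered" when nothing answers,
# so both states are reported and need follow-up on the device itself.
SUSPECT_STATES = ("open", "open|filtered")


def audit_wdb_exposure(grepable_text):
    """Return {ip: state} for hosts where UDP/17185 is not reported closed."""
    findings = {}
    for line in grepable_text.splitlines():
        match = HOST_LINE.match(line)
        if not match:
            continue  # comment lines and "Status:" lines carry no port data
        ip, ports = match.groups()
        ports = ports.split("\t")[0]  # drop trailing "Ignored State" field
        for entry in ports.split(","):
            # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
            fields = entry.strip().split("/")
            if len(fields) < 3 or not fields[0].isdigit():
                continue
            port, state, proto = int(fields[0]), fields[1], fields[2]
            if port == WDB_PORT and proto == WDB_PROTO and state in SUSPECT_STATES:
                findings[ip] = state
    return findings


if __name__ == "__main__":
    for ip, state in sorted(audit_wdb_exposure(SAMPLE_SCAN).items()):
        print(f"{ip}: UDP/{WDB_PORT} {state} - isolate or filter this device")
```

Hosts flagged as open|filtered are not confirmed exposures; treat them as candidates and verify against the device inventory.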