| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Dec 2006 10:10:16 -0500 From: "pingywon" <pingywon@...mail.com> To: "Shawn Merdinger" <shawnmer@...il.com>, <full-disclosure@...ts.grok.org.uk> Subject: Re: Linksys WIP 330 VoIP wireless phone crash fromNmap scan They are truly a "fragile" class of new devices. I bought the over priced WIP330 for testing myself. And minus the rather good screen brightness and resolution in pretty disappointed with it (its just a cumbersome phone). but as long as Cisco is still selling their gray scale wifi phone for $500 I consider it a deal. ----- Original Message ----- From: "Shawn Merdinger" <shawnmer@...il.com> To: "pingywon" <pingywon@...mail.com>; <full-disclosure@...ts.grok.org.uk> Sent: Friday, December 08, 2006 1:53 AM Subject: Re: [Full-disclosure] Linksys WIP 330 VoIP wireless phone crash fromNmap scan > Hi, > > Yes, this is an extraordinarily lame bug, but that's sort of the point > with many of these VoIP phones, both wired and wireless. They are a > new class of device going onto networks and tend to be kind of sucky > when it comes to what I'd consider *expected customer environment tool > runs* like Nmap and Nessus, not to mention plenty of others such as > ISIC, Protos, Asteroid, <insert fuzzer-o'-the-day-here>...and that's > just sticking with the free stuff. > > I didn't find the bug anyways, I just reported it to Linksys and then > FD. And even though I'm poking around with a bunch of VoIP phones on > my own time and dime, I don't own one of these WIP 330s. > > Anyway, you seem happy with your WIP 330...once you got it configured... > http://www.trixbox.org/modules/newbb/viewtopic.php?topic_id=5974&forum=3#forumpost23445 > > Say, if you have the cycles for some free vendor QA, and since you > have a WIP 330 in hand, maybe you can find something much cooler with > that PhoneCtl.exe crash and get back to us? > > Thanks, > --scm > > > > > On 12/7/06, pingywon <pingywon@...mail.com> wrote: >> >> "The crash >> > appears related to PhoneCtl.exe running on the phone's Windows CE 4.2 >> > operating system." >> >> "Let me take a look at that screenshot again..." >> >> http://www.flickr.com/photos/metalmijn/295348294/ >> >> "Heck buddy, you appear correct" >> >> ~p >> >> >> >> >> >> ----- Original Message ----- >> From: "Shawn Merdinger" <shawnmer@...il.com> >> To: <full-disclosure@...ts.grok.org.uk> >> Sent: Wednesday, December 06, 2006 1:40 PM >> Subject: [Full-disclosure] Linksys WIP 330 VoIP wireless phone crash >> fromNmap scan >> >> >> > Vulnerability Description >> > ================== >> > The Linksys WIP 330 VoIP wireless phone will crash when a full >> > port-range Nmap scan is run against its IP address. >> > >> > >> > Linksys WIP 330 Firmware Version >> > ========================== >> > 1.00.06A >> > >> > >> > Nmap scan command >> > ================ >> > nmap -P0 <WIP 330 ip address> -p 1-65535 >> > >> > >> > Impact >> > ===== >> > The crash is only after Nmap has finished. The Nmap scan also seems to >> > disrupt updating of the display as the clock is not updated. The crash >> > appears related to PhoneCtl.exe running on the phone's Windows CE 4.2 >> > operating system. >> > >> > Screenshot of the crash: >> > http://www.flickr.com/photos/metalmijn/295348294/ >> > >> > >> > Credit >> > ==== >> > Credit for discovering this vulnerability goes to Armijn Hemel >> > >> > _______________________________________________ >> > Full-Disclosure - We believe in it. >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> > Hosted and sponsored by Secunia - http://secunia.com/ >> > >> >> > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists