lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 8 Dec 2006 10:10:16 -0500
From: "pingywon" <pingywon@...mail.com>
To: "Shawn Merdinger" <shawnmer@...il.com>, <full-disclosure@...ts.grok.org.uk>
Subject: Re: Linksys WIP 330 VoIP wireless phone crash
	fromNmap scan

They are truly a "fragile" class of new devices. I bought the over priced 
WIP330 for testing myself. And minus the rather good screen brightness and 
resolution in pretty disappointed with it (its just a cumbersome phone).

but as long as Cisco is still selling their gray scale wifi phone for $500 I 
consider it a deal.
----- Original Message ----- 
From: "Shawn Merdinger" <shawnmer@...il.com>
To: "pingywon" <pingywon@...mail.com>; <full-disclosure@...ts.grok.org.uk>
Sent: Friday, December 08, 2006 1:53 AM
Subject: Re: [Full-disclosure] Linksys WIP 330 VoIP wireless phone crash 
fromNmap scan


> Hi,
>
> Yes, this is an extraordinarily lame bug, but that's sort of the point
> with many of these VoIP phones, both wired and wireless.  They are a
> new class of device going onto networks and tend to be kind of sucky
> when it comes to what I'd consider *expected customer environment tool
> runs* like Nmap and Nessus, not to mention plenty of others such as
> ISIC, Protos, Asteroid, <insert fuzzer-o'-the-day-here>...and that's
> just sticking with the free stuff.
>
> I didn't find the bug anyways, I just reported it to Linksys and then
> FD.  And even though I'm poking around with a bunch of VoIP phones on
> my own time and dime, I don't own one of these WIP 330s.
>
> Anyway, you seem happy with your WIP 330...once you got it configured...
> http://www.trixbox.org/modules/newbb/viewtopic.php?topic_id=5974&forum=3#forumpost23445
>
> Say, if you have the cycles for some free vendor QA, and since you
> have a WIP 330 in hand, maybe you can find something much cooler with
> that PhoneCtl.exe crash and get back to us?
>
> Thanks,
> --scm
>
>
>
>
> On 12/7/06, pingywon <pingywon@...mail.com> wrote:
>>
>>  "The crash
>> > appears related to PhoneCtl.exe running on the phone's Windows CE 4.2
>> > operating system."
>>
>> "Let me take a look at that screenshot again..."
>>
>> http://www.flickr.com/photos/metalmijn/295348294/
>>
>> "Heck buddy, you appear correct"
>>
>> ~p
>>
>>
>>
>>
>>
>> ----- Original Message -----
>> From: "Shawn Merdinger" <shawnmer@...il.com>
>> To: <full-disclosure@...ts.grok.org.uk>
>> Sent: Wednesday, December 06, 2006 1:40 PM
>> Subject: [Full-disclosure] Linksys WIP 330 VoIP wireless phone crash
>> fromNmap scan
>>
>>
>> > Vulnerability Description
>> > ==================
>> > The Linksys WIP 330 VoIP wireless phone will crash when a full
>> > port-range Nmap scan is run against its IP address.
>> >
>> >
>> > Linksys WIP 330 Firmware Version
>> > ==========================
>> > 1.00.06A
>> >
>> >
>> > Nmap scan command
>> > ================
>> > nmap -P0 <WIP 330 ip address> -p 1-65535
>> >
>> >
>> > Impact
>> > =====
>> > The crash is only after Nmap has finished. The Nmap scan also seems to
>> > disrupt updating of the display as the clock is not updated. The crash
>> > appears related to PhoneCtl.exe running on the phone's Windows CE 4.2
>> > operating system.
>> >
>> > Screenshot of the crash: 
>> > http://www.flickr.com/photos/metalmijn/295348294/
>> >
>> >
>> > Credit
>> > ====
>> > Credit for discovering this vulnerability goes to Armijn Hemel
>> >
>> > _______________________________________________
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>> >
>>
>>
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists