TITLE:
Senao SI-680H Wireless VoIP Phone Potential Denial of Service

SECUNIA ADVISORY ID:
SA17606

VERIFY ADVISORY:
http://secunia.com/advisories/17606/

CRITICAL:
Not critical

IMPACT:
Exposure of system information, DoS

WHERE:
>From local network

OPERATING SYSTEM:
Senao SI-680H Wireless VoIP Phone
http://secunia.com/product/6144/

DESCRIPTION:
Shawn Merdinger has reported a vulnerability in Senao SI-680H, which
potentially can be exploited by malicious people to cause a DoS and
to gain access to certain system information.

The vulnerability is caused due to the phone allowing connections
from the VxWorks debugger on port 17185/udp. This may be exploited to
gain access to the phone's OS and to collect debugging information or
to cause a DoS on the device.

The vulnerability has been reported in hardware version 1.7.0 with
firmware version 0.03.0839.

SOLUTION:
Restrict use to within trusted networks only.

PROVIDED AND/OR DISCOVERED BY:
Shawn Merdinger

ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038836.html

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------