Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:11070
HistoryJan 17, 2006 - 12:00 a.m.

[Full-disclosure] MPM HP-180W VoIP wireless desktop phone undocumented port UDP/9090

2006-01-1700:00:00
vulners.com
7
JSON

I disclosed the following issue at ShmooCon 2006
<http://www.shmoocon.org/&gt; during my "VoIP Wireless Phone Security
Analysis" presentation.

Thanks,
–scm

===============================================================

DATE:
16 January, 2006

VENDOR:
MPM - http://www.mpn.com.tw

VENDOR NOTIFIED:
7 December, 2005

PRODUCT:
MPM HP-180W VoIP 802.11b Wireless Desktop Phone
http://www.mpn.com.tw/index-product-3chinses.html
Firmware Version: WE.00.17

VULNERABILITY TITLE:
MPM HP-180W VoIP Wireless Desktop Phone undocumented port UDP/9090

DETAILS, IMPACT AND WORKAROUND:
MPM HP-180W VoIP Wireless Desktop Phone has an undocumented port and
service, UDP/9090, that provides an unauthenticated attacker
information about the phone,
specifically the phone's MAC address and software version. An attacker
can use this to remotely identify the phone and software version.
Also, the open port may provide an avenue for DoS.

There appears to be no workaround for this issue.

CONTACT INFORMATION:
Shawn Merdinger
[email protected]

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

JSON