PT-2007-5674 · Grandstream · Grandstream Sip Phone Gxv-3000

Publicado

2007-08-23

Atualizado

2017-07-29

CVE-2007-4498

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:M/Au:N/C:P/I:N/A:C

Name of the Vulnerable Software and Affected Versions Grandstream SIP Phone GXV-3000 version 1.0.1.7

Description The issue allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service via a certain SIP INVITE message followed by a certain "SIP/2.0 183 Session Progress" message.

Recommendations For Grandstream SIP Phone GXV-3000 version 1.0.1.7, consider restricting or disabling the handling of SIP INVITE messages and "SIP/2.0 183 Session Progress" messages until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-4498

Produtos afetados

Grandstream Sip Phone Gxv-3000

PT-2007-5674 · Grandstream · Grandstream Sip Phone Gxv-3000

CVE-2007-4498

Identificadores relacionados

Produtos afetados

Referências · 11