[Full-disclosure] UTstarcom F1000 VoIP Wifi phone multiple vulnerabilities

I disclosed today the following vulnerabilities at the 32nd CSI conference in Washington, D.C. https://www.cmpevents.com/CSI32/a.asp?option=G&V=3&id=406438 Thanks, Shawn Merdinger =============================================================== VENDOR: UTStarcom VENDOR NOTIFIED: 27 June, 2005 via...

CVE-2004-1680

The CVE-2004-1680 issue affects the Pingtel Xpressa handset (firmware 2.1.11.24) where application.cgi can be abused by remote authenticated users via a long HTTP GET request, potentially triggering a buffer overflow and causing a VxWorks OS crash (DoS). Connected sources confirm the vulnerabilit...