Secunia Advisory: | SA27945 | |
Release Date: | 2007-12-06 | |
Critical: | Not critical | |
Impact: | DoS | |
Where: | From remote | |
Solution Status: | Unpatched | |
OS: | Nokia N95 12.x | |
This advisory is currently marked as unpatched! - Companies can be alerted when a patch is released! |
Humberto J. Abdelnur, Radu State, and Olivier Festor have reported a weakness in Nokia N95, which can be exploited by malicious people to cause a DoS (Denial of Service).
The weakness is caused due to an error in processing SIP messages and can be exploited to cause the phone to become unresponsive via a specially crafted sequence of SIP messages.
Successful exploitation requires that the SIP client is enabled.
The weakness is reported in a Nokia N95 with firmware version 12.0.013. Other phones and versions may also be affected.
Solution:
Disable the SIP client.
Provided and/or discovered by:
Humberto J. Abdelnur, Radu State, and Olivier Festor, MADYNES research team
Original Advisory:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058839.html
資料來源 http://secunia.com/advisories/27945/
全站熱搜
留言列表