Siemens HiNet LP5100 IP-phone Buffer Overflow DoS Vulnerability

There exists a vulnerability in the http mini-administration service operating on the Siemens HiNet 5100 IP-phone.

By sending a long GET request an attacker can cause the unit to exhibit "unpredictable results" (in the case of requests between 100 and 300 bytes) or to crash completely, (500 bytes +) requiring the unit to be powered down and restarted. In addition to this denial of service, an attacker sufficiently familiar with the hardware architecture and firmware of this platform may, conceivably, be able to exploit this overflow to place malicious machine code on the stack, permitting interference with or modification of the phone's software, intercepting of calls, or another compromise of the unit's normal functionality.


 

Privacy Statement
Copyright 2010, SecurityFocus