Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Linksys WIP 330 VoIP wireless phone crash fromNmap scan

From: "pingywon" <pingywon () hotmail com>
Date: Fri, 8 Dec 2006 00:25:26 -0500

 "The crash

appears related to PhoneCtl.exe running on the phone's Windows CE 4.2
operating system."


"Let me take a look at that screenshot again..."

http://www.flickr.com/photos/metalmijn/295348294/

"Heck buddy, you appear correct"

~p





----- Original Message ----- 
From: "Shawn Merdinger" <shawnmer () gmail com>
To: <full-disclosure () lists grok org uk>
Sent: Wednesday, December 06, 2006 1:40 PM
Subject: [Full-disclosure] Linksys WIP 330 VoIP wireless phone crash 
fromNmap scan



Vulnerability Description
==================
The Linksys WIP 330 VoIP wireless phone will crash when a full
port-range Nmap scan is run against its IP address.


Linksys WIP 330 Firmware Version
==========================
1.00.06A


Nmap scan command
================
nmap -P0 <WIP 330 ip address> -p 1-65535


Impact
=====
The crash is only after Nmap has finished. The Nmap scan also seems to
disrupt updating of the display as the clock is not updated. The crash
appears related to PhoneCtl.exe running on the phone's Windows CE 4.2
operating system.

Screenshot of the crash: http://www.flickr.com/photos/metalmijn/295348294/


Credit
====
Credit for discovering this vulnerability goes to Armijn Hemel

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: