MPM HP-180W VoIP Wireless Desktop Phone has an undocumented port and service, UDP/9090, that provides an unauthenticated attacker information about the phone, specifically the phone's MAC address and software version.
0211e6e0f97b0e14f164acea36bab94ec3086713d09600c52bc265e7c43ba030
DATE:
16 January, 2006
VENDOR:
MPM - http://www.mpn.com.tw
VENDOR NOTIFIED:
7 December, 2005
PRODUCT:
MPM HP-180W VoIP 802.11b Wireless Desktop Phone
http://www.mpn.com.tw/index-product-3chinses.html
Firmware Version: WE.00.17
VULNERABILITY TITLE:
MPM HP-180W VoIP Wireless Desktop Phone undocumented port UDP/9090
DETAILS, IMPACT AND WORKAROUND:
MPM HP-180W VoIP Wireless Desktop Phone has an undocumented port and
service, UDP/9090, that provides an unauthenticated attacker
information about the phone,
specifically the phone's MAC address and software version. An attacker
can use this to remotely identify the phone and software version.
Also, the open port may provide an avenue for DoS.
There appears to be no workaround for this issue.
CONTACT INFORMATION:
Shawn Merdinger
shawnmer@gmail.com
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed