TITLE: MultiTech MultiVoIP Gateway Denial of Service Vulnerability SECUNIA ADVISORY ID: SA17852 VERIFY ADVISORY: http://secunia.com/advisories/17852/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network OPERATING SYSTEM: MultiTech MultiVOIP Gateway MPV810 http://secunia.com/product/6381/ MultiTech MultiVOIP Gateway MVP130 http://secunia.com/product/6378/ MultiTech MultiVOIP Gateway MVP210 http://secunia.com/product/6379/ MultiTech MultiVOIP Gateway MVP2410 http://secunia.com/product/6382/ MultiTech MultiVOIP Gateway MVP3010 http://secunia.com/product/6383/ MultiTech MultiVOIP Gateway MVP410 http://secunia.com/product/6380/ DESCRIPTION: Ejovi Nuwere has reported a vulnerability in MultiTech MultiVoIP Gateway, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error when parsing SIP packets. This can be exploited to cause a buffer overflow via a specially crafted SIP packet with an INVITE field that is longer than 60 characters. Successful exploitation causes the device to reboot. The vulnerability has been reported in models MVP130, MVP210, MVP410, MPV810, MVP2410, and MVP3010. SOLUTION: The vulnerability has been fixed in the X.08 release, which is available from the vendor. PROVIDED AND/OR DISCOVERED BY: Ejovi Nuwere, SecurityLab Technologies. ORIGINAL ADVISORY: http://www.securitylab.net/research/2005/12/buffer_overflow_in_multitech_v.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------