Details of VAR-200511-0099

ID

VAR-200511-0099

CVE

CVE-2005-3715

TITLE

Senao SI-680H VOIP WIFI phone VxWorks Remote debugger access vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200511-293

DESCRIPTION

Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service. Senao SI-680H and SI-7800H VOIP WIFI Phone allows remote debugger connections. Successful exploitation of this vulnerability could allow a remote attacker to obtain debugging information from the device or cause a denial of service. Senao SI-680H VOIP WIFI Phones running firmware version 0.03.0839, and Sanao SI-7800H running firmware version 0.03.0001 are prone to this issue. Other versions may also be vulnerable. Senao SI-680H is a wireless phone. SOLUTION: Restrict use to within trusted networks only. PROVIDED AND/OR DISCOVERED BY: Shawn Merdinger ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038836.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-3715 // BID: 15475 // VULHUB: VHN-14923 // PACKETSTORM: 41623

AFFECTED PRODUCTS

vendor:	senao	model:	si-680h wireless voip phone	scope:	eq	version:	1.7.0_firmware_0.03.0839	Trust: 1.6
vendor:	senao	model:	si-7800h voip wifi phone	scope:	eq	version:	0.03.0001	Trust: 0.3
vendor:	senao	model:	si-680h voip wifi phone	scope:	eq	version:	0.3.0839	Trust: 0.3

sources: BID: 15475 // CNNVD: CNNVD-200511-293 // NVD: CVE-2005-3715

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-3715
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200511-293
value:	HIGH
Trust: 0.6
VULHUB:	VHN-14923
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-3715
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-14923
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-14923 // CNNVD: CNNVD-200511-293 // NVD: CVE-2005-3715

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3715

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200511-293

TYPE

Design Error

Trust: 0.9

sources: BID: 15475 // CNNVD: CNNVD-200511-293

EXTERNAL IDS

db:	BID	id:	15475	Trust: 2.0
db:	SECUNIA	id:	17606	Trust: 1.8
db:	VUPEN	id:	ADV-2005-2474	Trust: 1.7
db:	NVD	id:	CVE-2005-3715	Trust: 1.7
db:	CNNVD	id:	CNNVD-200511-293	Trust: 0.7
db:	FULLDISC	id:	20051116 SENAO SI-680H VOIP WIFI PHONE UNDOCUMENTED OPEN PORT	Trust: 0.6
db:	VULHUB	id:	VHN-14923	Trust: 0.1
db:	PACKETSTORM	id:	41623	Trust: 0.1

sources: VULHUB: VHN-14923 // BID: 15475 // PACKETSTORM: 41623 // CNNVD: CNNVD-200511-293 // NVD: CVE-2005-3715

REFERENCES

url:	http://lists.grok.org.uk/pipermail/full-disclosure/2005-november/038836.html	Trust: 1.8
url:	http://www.securityfocus.com/bid/15475	Trust: 1.7
url:	http://secunia.com/advisories/17606	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2005/2474	Trust: 1.1
url:	http://www.frsirt.com/english/advisories/2005/2474	Trust: 0.6
url:	http://www.senao.com/english/co/home.asp	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/17606/	Trust: 0.1
url:	http://secunia.com/product/6144/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-14923 // BID: 15475 // PACKETSTORM: 41623 // CNNVD: CNNVD-200511-293 // NVD: CVE-2005-3715

CREDITS

Discovered by Shawn Merdinger <shawnmer@gmail.com>.

Trust: 0.9

sources: BID: 15475 // CNNVD: CNNVD-200511-293

SOURCES

db:	VULHUB	id:	VHN-14923
db:	BID	id:	15475
db:	PACKETSTORM	id:	41623
db:	CNNVD	id:	CNNVD-200511-293
db:	NVD	id:	CVE-2005-3715

LAST UPDATE DATE

2024-08-14T14:59:17.132000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-14923	date:	2011-03-08T00:00:00
db:	BID	id:	15475	date:	2006-01-17T22:20:00
db:	CNNVD	id:	CNNVD-200511-293	date:	2005-11-21T00:00:00
db:	NVD	id:	CVE-2005-3715	date:	2011-03-08T02:27:01.597

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-14923	date:	2005-11-21T00:00:00
db:	BID	id:	15475	date:	2005-11-16T00:00:00
db:	PACKETSTORM	id:	41623	date:	2005-11-19T21:56:12
db:	CNNVD	id:	CNNVD-200511-293	date:	2005-11-21T00:00:00
db:	NVD	id:	CVE-2005-3715	date:	2005-11-21T11:03:00