Details of VAR-200708-0441

ID

VAR-200708-0441

CVE

CVE-2007-4553

TITLE

Thomson ST 2030 SIP Service disruption on telephones (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-006035

DESCRIPTION

The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via an INVITE message with a Via header that contains a '/' (slash) instead of the required space following the SIP version number. Thomson SpeedTouch 2030 is prone to a denial-of-service vulnerability because the device fails to handle specially crafted SIP INVITE messages. Exploiting this issue allows remote attackers to cause the device to stop responding, thus denying service to legitimate users. This issue affects Thomas SpeedTouch 2030 firmware 1.52.1; other versions may also be affected. ---------------------------------------------------------------------- BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. Download the free PSI BETA from the Secunia website: https://psi.secunia.com/ ---------------------------------------------------------------------- TITLE: Thomson SpeedTouch 2030 Denial of Service Vulnerability SECUNIA ADVISORY ID: SA26587 VERIFY ADVISORY: http://secunia.com/advisories/26587/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote OPERATING SYSTEM: Thomson SpeedTouch 2030 VoIP Phone http://secunia.com/product/15497/ DESCRIPTION: A vulnerability has been reported in the Thomson SpeedTouch 2030 VoIP phone, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is reported in software version 1.52.1. SOLUTION: Use the device in a trusted network environment only. PROVIDED AND/OR DISCOVERED BY: Humberto J. Abdelnur, Radu State, and Olivier Festor ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065433.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-4553 // JVNDB: JVNDB-2007-006035 // BID: 25446 // VULHUB: VHN-27915 // PACKETSTORM: 58859

AFFECTED PRODUCTS

vendor:	thomson	model:	st 2030 sip phone	scope:	eq	version:	1	Trust: 1.6
vendor:	thomson	model:	st 2030 sip phone	scope:	eq	version:	1.52.1	Trust: 0.8
vendor:	thomson	model:	speedtouch	scope:	eq	version:	20301.52.1	Trust: 0.3

sources: BID: 25446 // JVNDB: JVNDB-2007-006035 // CNNVD: CNNVD-200708-419 // NVD: CVE-2007-4553

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-4553
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2007-4553
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200708-419
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-27915
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-4553
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-27915
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-27915 // JVNDB: JVNDB-2007-006035 // CNNVD: CNNVD-200708-419 // NVD: CVE-2007-4553

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2007-4553

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200708-419

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200708-419

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-006035

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-27915

PATCH

title:

Top Page

url:

http://thomsonreuters.com/

Trust: 0.8

sources: JVNDB: JVNDB-2007-006035

EXTERNAL IDS

db:	NVD	id:	CVE-2007-4553	Trust: 2.8
db:	BID	id:	25446	Trust: 2.0
db:	SECUNIA	id:	26587	Trust: 1.8
db:	VUPEN	id:	ADV-2007-2988	Trust: 1.7
db:	SECTRACK	id:	1018603	Trust: 1.7
db:	SREASON	id:	3075	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-006035	Trust: 0.8
db:	XF	id:	36217	Trust: 0.6
db:	FULLDISC	id:	20070823 DOS VULNERABILITY ON THOMSON SIP PHONE ST 2030 USING THE VIA HEADER	Trust: 0.6
db:	CNNVD	id:	CNNVD-200708-419	Trust: 0.6
db:	EXPLOIT-DB	id:	30530	Trust: 0.1
db:	EXPLOIT-DB	id:	4319	Trust: 0.1
db:	SEEBUG	id:	SSVID-83912	Trust: 0.1
db:	VULHUB	id:	VHN-27915	Trust: 0.1
db:	PACKETSTORM	id:	58859	Trust: 0.1

sources: VULHUB: VHN-27915 // BID: 25446 // JVNDB: JVNDB-2007-006035 // PACKETSTORM: 58859 // CNNVD: CNNVD-200708-419 // NVD: CVE-2007-4553

REFERENCES

url:	http://lists.grok.org.uk/pipermail/full-disclosure/2007-august/065433.html	Trust: 1.8
url:	http://www.securityfocus.com/bid/25446	Trust: 1.7
url:	http://www.securitytracker.com/id?1018603	Trust: 1.7
url:	http://secunia.com/advisories/26587	Trust: 1.7
url:	http://securityreason.com/securityalert/3075	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/2988	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/36217	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4553	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4553	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/36217	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2007/2988	Trust: 0.6
url:	http://www.thomsontelecompartner.com/en/products/viewabusinesssolution.php?id=87	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/26587/	Trust: 0.1
url:	https://psi.secunia.com/	Trust: 0.1
url:	http://secunia.com/product/15497/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-27915 // BID: 25446 // JVNDB: JVNDB-2007-006035 // PACKETSTORM: 58859 // CNNVD: CNNVD-200708-419 // NVD: CVE-2007-4553

CREDITS

Humberto J. Abdelnur, Radu State, and Olivier Festor are credited with the discovery of this vulnerability.

Trust: 0.3

sources: BID: 25446

SOURCES

db:	VULHUB	id:	VHN-27915
db:	BID	id:	25446
db:	JVNDB	id:	JVNDB-2007-006035
db:	PACKETSTORM	id:	58859
db:	CNNVD	id:	CNNVD-200708-419
db:	NVD	id:	CVE-2007-4553

LAST UPDATE DATE

2025-04-10T23:11:35.127000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-27915	date:	2017-07-29T00:00:00
db:	BID	id:	25446	date:	2015-05-07T17:35:00
db:	JVNDB	id:	JVNDB-2007-006035	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200708-419	date:	2007-10-29T00:00:00
db:	NVD	id:	CVE-2007-4553	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-27915	date:	2007-08-28T00:00:00
db:	BID	id:	25446	date:	2007-08-27T00:00:00
db:	JVNDB	id:	JVNDB-2007-006035	date:	2012-12-20T00:00:00
db:	PACKETSTORM	id:	58859	date:	2007-08-27T15:28:28
db:	CNNVD	id:	CNNVD-200708-419	date:	2007-08-27T00:00:00
db:	NVD	id:	CVE-2007-4553	date:	2007-08-28T00:17:00