DoS vulnerabilities in Nokia N95 and Cisco 7940 IP phone
According to reports, a DoS vulnerability in the Nokia N95 mobile phone can be exploited to cause the device to freeze. It can then only be used again after a reboot. The report suggests that sending a few SIP INVITE packets to the N95's SIP client is enough to cause the phone to enter the abnormal state. By default, however, the SIP client is turned off. The vulnerability was discovered in firmware 12.0.013, but other versions and possibly other Nokia devices are also likely to be affected. According to the report, no statement has been issued by Nokia, although the vendor has been informed about the problem. No patch has been made available so far. Currently, the only workaround is to disable the N95 SIP client.
The authors of the Nokia report have also discovered a DoS vulnerability in the SIP implementation of the Cisco 7940 IP phone. According to their report, the device can be forced to reboot by sending a series of INVITE packets with no user name in the request URI. However, a successful exploit is said to require a valid user ID. The vulnerability has been confirmed for firmware P0S3-08-7-00. No update has yet been made available.
- Nokia N95 cellphone remote DoS using the SIP Stack, Madynes Team error report
- Cisco Phone 7940 remote DOS, Madynes Team error report
(mba)