HTTP: Localhost Host Header in Trans-Internet Request

This signature detects attempts to exploit a known vulnerability in several HTTP-based web interfaces for network devices (such as VoIP phones). An attacker can send a crafted message to the server that allows them to bypass security restrictions and reconfigure or make arbitrary use of the device.

Extended Description

The web interface on snom VoIP phones is prone to an authentication-bypass vulnerability because it fails to properly verify HTTP requests. Successful exploits may allow attackers to bypass security restrictions and reconfigure the phones or make arbitrary use of the phones. snom VoIP phones with firmware prior to 6.5.20, 7.1.39 and 7.3.14 are vulnerable.

Affected Products

Snom_technology snom320, Snom_technology snom300

Short Name
HTTP:LOCALHOST-ON-INTERNET
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2008-4008 CVE-2009-1048 Header Host Localhost Request Trans-Internet bid:43130 in
Release Date
09/20/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Snom_technology

CVSS Score

10.0
