VOIP: Grandstream SIP Phone eavesdrop

This signature detects attempts to exploit a known vulnerability against Grandstream SIP Phone GXV-3000. Attackers can silent call completion, eavesdrop on the phone's local environment, and cause a denial of service .

Extended Description

The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain "SIP/2.0 183 Session Progress" message.

Affected Products

Grandstream sip_phone

References

BugTraq: 25399

CVE: CVE-2007-4498

Short Name
VOIP:SIP:GS-EAVESDROP
Severity
Minor
Recommended
False
Recommended Action
None
Category
VOIP
Keywords
CVE-2007-4498 Grandstream Phone SIP bid:25399 eavesdrop
Release Date
07/15/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Grandstream

CVSS Score

7.8

Found a potential security threat?