mailing list archives
ZyXel P2000W (Version 2) VoIP wireless phone undocumented port UDP/9090
From: Shawn Merdinger <shawnmer () gmail com>
Date: Mon, 16 Jan 2006 14:12:07 -0800
I disclosed the following issue at ShmooCon 2006
<http://www.shmoocon.org/> during my "VoIP Wireless Phone Security
16 January, 2006
7 December, 2005
ZyXel P2000W (Version 2) VoIP 802.11b Wireless Phone
Firmware version: WV.00.02
Zyxel P2000W (Version 2) VoIP wireless phone undocumented port UDP/9090
DETAILS, IMPACT AND WORKAROUND:
The Zyxel P2000W (Version 2) VoIP wireless phone has an undocumented
port, UDP/9090, that provides an unauthenticated attacker information
about the phone, specifically the phone's MAC address and software
version. An attacker can use this vulnerabiltiy to easily identiy the
phone and software version. Also, the undocumented open port may
provide an avenue for DoS.
There appears to be no workaround for this issue as far as disabling the port.
shawnmer () gmail com
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- ZyXel P2000W (Version 2) VoIP wireless phone undocumented port UDP/9090 Shawn Merdinger (Jan 16)