 |
 |
    |
Grandstream HandyTone-488 PSTN-to-VoIP adapter is vulnerable to buffer overflow
OverviewGrandstream HT-488 phone adapter can be crashed by sending a specially crafted SIP INVITE message to it’s public IP address. ImpactUsers of Grandstream HT-488 may be subjected to Denial of service attack causing their VoIP service based on the HT-488 to be disconnected. Description
The HandyTone 488 is a next generation Internet data, voice, fax and PSTN “all-in-one” integrated access device based on SIP standard. It can be used to connect a PSTN phone to VoIP service. The adapter is assigned a public IP address where it can be reached over an IP network. A buffer overflow vulnerability exists in SIP parser implementation of Grandstream HT-488 which allows an attacker to crash the adapter by sending a specially crafted SIP INVITE message to the public IP address of the adapter. Solution
Grandstream HT-488 SIP parser implementation should be patched to fix this buffer overflow vulnerability. For more information on any of these threat advisories, please email Sipera VIPER Lab at viper@sipera.com |
UC Security Defined
Sipera Systems, the leader in real-time Unified
Communications (UC) security, is the choice of enterprises
and service providers around the world to support their
mission-critical UC deployments.
Sipera offers groundbreaking, production-proven solutions
that secure voice, video, messaging, collaboration, and
other real-time communications in converged IP networks,
boosting compliance with information security requirements.
Backed by the industry-leading research of the VIPER lab,
Sipera's solutions provide comprehensive threat protection,
policy enforcement, access control, and encryption in a
single flexible appliance.