 |
 |
    |
Grandstream HandyTone-488 PSTN-to-VoIP adapter is vulnerable to buffer overflow
OverviewGrandstream HT-488 phone adapter can be crashed by sending a specially crafted SIP INVITE message to it’s public IP address. ImpactUsers of Grandstream HT-488 may be subjected to Denial of service attack causing their VoIP service based on the HT-488 to be disconnected. Description
The HandyTone 488 is a next generation Internet data, voice, fax and PSTN “all-in-one” integrated access device based on SIP standard. It can be used to connect a PSTN phone to VoIP service. The adapter is assigned a public IP address where it can be reached over an IP network. A buffer overflow vulnerability exists in SIP parser implementation of Grandstream HT-488 which allows an attacker to crash the adapter by sending a specially crafted SIP INVITE message to the public IP address of the adapter. Solution
Grandstream HT-488 SIP parser implementation should be patched to fix this buffer overflow vulnerability. For more information on any of these threat advisories, please email Sipera VIPER Lab at viper@sipera.com |
Unified Communications Unleashed
Sipera Systems is the worldwide market leader in solutions for the rapid and simple adoption of Unified Communications (UC).
Thousands of users around the globe rely on Sipera to secure VoIP, IP video, collaboration, messaging and dozens of other high-performance applications.
Sipera’s groundbreaking “Borderless UC” enables controlled communications to any device in any location.
Years of UC Security experience is contained in Sipera unified communications (UC-Sec) products. These appliances benefit from the research conducted by Sipera VIPER Lab to provide comprehensive threat protection, policy enforcement, access control, and privacy in a single, real-time appliance.