application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly triggering a buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xpressa | Pingtel | 1.2.5 (including) | 1.2.5 (including) |
Xpressa | Pingtel | 1.2.7.4 (including) | 1.2.7.4 (including) |
Xpressa | Pingtel | 1.2.8 (including) | 1.2.8 (including) |
Xpressa | Pingtel | 2.0 (including) | 2.0 (including) |
Xpressa | Pingtel | 2.0.1 (including) | 2.0.1 (including) |
Xpressa | Pingtel | 2.1.11.24 (including) | 2.1.11.24 (including) |