CVE-2006-0179

Cisco IP Phone 7940 - Denial of Service via TCP SYN Flood

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0179. PoCs published by kokanin.

AI-analyzed exploit summary This Perl script exploits a DoS vulnerability in Cisco 7940 IP phones running version 7.0(2.0) by flooding the target with SYN packets. It uses the Net::RawIP module to craft and send TCP packets with random source ports to the specified target port.

Description

The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.

Exploits (1)

exploitdb WORKING POC VERIFIED

by kokanin · perldoshardware

https://www.exploit-db.com/exploits/1411

View Code ZIP pw:eip

This Perl script exploits a DoS vulnerability in Cisco 7940 IP phones running version 7.0(2.0) by flooding the target with SYN packets. It uses the Net::RawIP module to craft and send TCP packets with random source ports to the specified target port.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Cisco 7940 IP Phone running version 7.0(2.0) with Skinny protocol

No auth needed

Prerequisites: Network access to the target device · Perl environment with Net::RawIP module

MITRE ATT&CK