Denial of Service Vulnerability in Nokia N95 Cell Phone Firmware
CVE-2007-6371

Currently unrated

Key Information:

Vendor: Nokia
Status: N95
Vendor: CVE Published:; 15 December 2007

What is CVE-2007-6371?

The Nokia N95 cell phone with RM-159 12.0.013 firmware is susceptible to a denial of service attack. This vulnerability allows remote attackers to render the device inoperable by sending a specific sequence of SIP messages. An attacker can exploit this flaw by sending a SIP INVITE message, followed immediately by a SIP CANCEL message for the same session, and then a second SIP INVITE message in a different session. This sequence disrupts the normal operation of the device, emphasizing the need for users to be aware of potential network threats and implement protective measures.

References

http://www.securityfocus.com/bid/26726

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2007/4113

vdb-entryx_refsource_VUPEN

http://lists.grok.org.uk/pipermail/full-disclosure/2007-D...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Dec 15, 2007
Vulnerability Reserved
Dec 14, 2007