Lucene search

[email protected]CVE-2005-3715

HistoryNov 21, 2005 - 11:03 a.m.

CVE-2005-3715

2005-11-2111:03:00

[email protected]

web.nvd.nist.gov

cve-2005-3715

senao

si-680h

wireless

voip

phone

firmware

vxworks

debugger

udp

port

authentication

vulnerability

security

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.3%

JSON

Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service.

Affected configurations

NVD

Node

senaosi-680h_wireless_voip_phoneMatch1.7.0_firmware_0.03.0839

CPENameOperatorVersion
senao:si-680h_wireless_voip_phonesenao si-680h wireless voip phoneeq1.7.0_firmware_0.03.0839

CPE	Name	Operator	Version
senao:si-680h_wireless_voip_phone	senao si-680h wireless voip phone	eq	1.7.0_firmware_0.03.0839

References

lists.grok.org.uk/pipermail/full-disclosure/2005-November/038836.html

secunia.com/advisories/17606

www.securityfocus.com/bid/15475

www.vupen.com/english/advisories/2005/2474

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.3%

JSON

Related for CVE-2005-3715

nvd1 cvelist1