Lucene search

[email protected]CVE-2006-0375

HistoryJan 22, 2006 - 8:03 p.m.

CVE-2006-0375

2006-01-2220:03:00

[email protected]

web.nvd.nist.gov

cve-2006-0375

advantage century telecommunication

act

p202s ip phone

firmware

vxworks

hardcoded

ntp

server

taiwan

remote attackers

time information

false time

access block

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.0%

JSON

Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 on VxWorks uses a hardcoded Network Time Protocol (NTP) server in Taiwan, which could allow remote attackers to provide false time information, block access to time information, or conduct other attacks.

Affected configurations

NVD

Node

advantage_century_telecommunicationp202sMatch1.01.21_firmware_1.1.21

CPENameOperatorVersion
advantage_century_telecommunication:p202sadvantage century telecommunication p202seq1.01.21_firmware_1.1.21

CPE	Name	Operator	Version
advantage_century_telecommunication:p202s	advantage century telecommunication p202s	eq	1.01.21_firmware_1.1.21

References

lists.grok.org.uk/pipermail/full-disclosure/2006-January/041434.html

secunia.com/advisories/18514

www.securityfocus.com/bid/16288

exchange.xforce.ibmcloud.com/vulnerabilities/24149

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.0%

JSON

Related for CVE-2006-0375

cvelist1 nvd1 prion1