CVE-2007-5361

2007-11-20T14:46:00
ID CVE-2007-5361
Type cve
Reporter NVD
Modified 2018-10-15T17:44:01

Description

The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename.