Lucene search
+L

4455 matches found

NVD
NVD
added 2002/10/04 4:0 a.m.12 views

CVE-2002-0882

The web server for Cisco IP Phone VoIP models 7910, 7940, and 7960 allows remote attackers to cause a denial of service reset and possibly read sensitive memory via a large integer value in 1 the stream ID of the StreamingStatistics script, or 2 the port ID of the PortInformation script...

6.4CVSS6.9AI score0.02749EPSS
Exploits0References6
NVD
NVD
added 2002/10/04 4:0 a.m.9 views

CVE-2002-0880

Cisco IP Phone VoIP models 7910, 7940, and 7960 allow remote attackers to cause a denial of service crash via malformed packets as demonstrated by 1 "jolt", 2 "jolt2", 3 "raped", 4 "hping2", 5 "bloop", 6 "bubonic", 7 "mutant", 8 "trash", and 9 "trash2."...

5CVSS6.7AI score0.01307EPSS
Exploits0References1
CVE
CVE
added 2002/08/31 4:0 a.m.49 views

CVE-2002-0881

The CVE-2002-0881 entry affects Cisco IP Phone (VoIP) models 7910, 7940, and 7960. The underlying issue is the use of a default administrative password, enabling attackers with physical access to the phone to modify configuration settings. Connected documents corroborate the vulnerable components...

2.1CVSS6.7AI score0.00394EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2002/08/31 4:0 a.m.60 views

CVE-2002-0882

CVE-2002-0882 affects Cisco IP Phone (VoIP) models 7910, 7940, and 7960. The vulnerability arises from handling large integer values in two script parameters: the stream ID of StreamingStatistics and the port ID of PortInformation. Exploitation can cause a remote DoS (reset) and may allow reading...

6.4CVSS6.9AI score0.02749EPSS
Exploits0References6Affected Software2
CVE
CVE
added 2002/08/31 4:0 a.m.45 views

CVE-2002-0880

Cisco IP Phone (VoIP) models 7910, 7940, and 7960 are affected by CVE-2002-0880. Remote attackers can cause a denial of service (crash) by sending malformed packets (examples: jolt, jolt2, raped, hping2, bloop, bubonic, mutant, trash, trash2). The root cause is described only as malformed packets...

5CVSS7.1AI score0.01307EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.18 views

CVE-2002-0881

Cisco IP Phone VoIP models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings...

6.3AI score0.00394EPSS
Exploits0References4
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.19 views

CVE-2002-0880

Cisco IP Phone VoIP models 7910, 7940, and 7960 allow remote attackers to cause a denial of service crash via malformed packets as demonstrated by 1 "jolt", 2 "jolt2", 3 "raped", 4 "hping2", 5 "bloop", 6 "bubonic", 7 "mutant", 8 "trash", and 9 "trash2."...

6.7AI score0.01307EPSS
Exploits0References1
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.21 views

CVE-2002-0882

The web server for Cisco IP Phone VoIP models 7910, 7940, and 7960 allows remote attackers to cause a denial of service reset and possibly read sensitive memory via a large integer value in 1 the stream ID of the StreamingStatistics script, or 2 the port ID of the PortInformation script...

6.9AI score0.02749EPSS
Exploits0References6
NVD
NVD
added 2002/07/23 4:0 a.m.18 views

CVE-2002-0670

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing...

7.5CVSS6.8AI score0.01635EPSS
Exploits0References3
NVD
NVD
added 2002/07/23 4:0 a.m.16 views

CVE-2002-0675

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmware upgrade, which allows unauthorized users to upgrade the phone...

4.6CVSS6.6AI score0.00351EPSS
Exploits0References4
NVD
NVD
added 2002/07/23 4:0 a.m.17 views

CVE-2002-0671

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing...

9.8CVSS9.4AI score0.01151EPSS
Exploits0References4
NVD
NVD
added 2002/07/23 4:0 a.m.13 views

CVE-2002-0667

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone...

10CVSS6.9AI score0.02615EPSS
Exploits0References4
NVD
NVD
added 2002/07/23 4:0 a.m.13 views

CVE-2002-0672

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null...

4.6CVSS6.6AI score0.00354EPSS
Exploits0References3
CVE
CVE
added 2002/07/15 4:0 a.m.47 views

CVE-2002-0667

CVE-2002-0667 concerns Pingtel xpressa SIP phones (model PX-1) running software 1.2.5–1.2.7.4. The issue arises from a default administrator password set to null (admin user), enabling remote and local administrative access, manipulation of SIP signaling, and potential takeover of the device. Con...

10CVSS6.9AI score0.02615EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2002/07/15 4:0 a.m.55 views

CVE-2002-0670

The CVE-2002-0670 issue affects Pingtel xpressa SIP phones (software versions 1.2.5–1.2.7.4). The web interface uses HTTP Basic authentication with Base64-encoded credentials, allowing remote attackers to sniff and decode usernames/passwords in transit. Documents confirm the risk is tied to unenc...

7.5CVSS6.8AI score0.01635EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2002/07/15 4:0 a.m.19 views

CVE-2002-0670

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing...

6.8AI score0.01635EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2002/06/05 12:0 a.m.49 views

Cisco VoIP Phone Multiple Script Malformed Request DoS

The remote host appears to be a Cisco IP phone. It was possible to reboot this device by requesting : http:///StreamingStatistics?120000 This device likely has other vulnerabilities that Nessus has not checked for. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script audit and contribution...

6.4CVSS5.4AI score0.02749EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/10/26 12:0 a.m.32 views

Pc-to-Phone vulnerability - broken by design

Dear Sirs, This is to report a security vulnerability in DeltaThree's Pc-To-Phone product, version 3.0.3 latest version, and possibly earlier versions. This security flaw was first reported to DeltaThree/iConnectHere on October 3, 2001, where I told the company about the security flaw, how it cou...

Exploits0
CVE
CVE
added 2001/01/22 5:0 a.m.81 views

CVE-2000-1089

CVE-2000-1089 is a buffer overflow in Microsoft’s IIS Phone Book Service (pbserver.dll) that, per the description, allows local users to execute arbitrary commands (Phone Book Service Buffer Overflow). Public material references MS00-094 as the corrective update and notes that the vulnerable comp...

10CVSS7.2AI score0.76552EPSS
Exploits4References4Affected Software2
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.32 views

CVE-2000-1089

Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability...

7.1AI score0.76552EPSS
Exploits4References4
Rows per page
Query Builder