1446 matches found
Debian DSA-1229-1 : asterisk - integer overflow
Adam Boileau discovered an integer overflow in the Skinny channel driver in Asterisk, an Open Source Private Branch Exchange or telephone system, as used by Cisco SCCP phones, which allows remote attackers to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
DSA-1229-1 asterisk
Bulletin has no description...
CVE-2006-5444
Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...
CVE-2006-5444
Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...
DEBIAN-CVE-2006-5444
Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...
CVE-2006-5444
Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...
CVE-2006-5444
CVE-2006-5444 involves an integer overflow in Asterisk’s Skinny channel driver (chan_skinny.c). Affected are Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, used by Cisco SCCP phones. An attacker can trigger a heap-based buffer overflow via a crafted dlen value, potentially leading to remot...
CVE-2006-5444
Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...
Security-Assessment.com Advisory: Asterisk remote heap overflow
======================================================================== = Asterisk - chanskinny Remote Unauthenticated Heap Overflow = = Vendor Website: = http://www.asterisk.org = = Affected Version: = All 1.2-branch releases prior to and including 1.2.12.1 = All 1.0-branch releases prior to an...
Skinny Server Detection
The remote server is an H.323 proxy that understands the Skinny protocol, also known as SCCP, for 'Skinny Client Control Protocol'. Skinny is Cisco's proprietary lightweight terminal control protocol used by some VoIP phones to communicate with Cisco CallManager or Asterisk PBX systems. C Tenable...
asterisk -- remote heap overwrite vulnerability
Adam Boileau of Security-Assessment.com reports: The Asterisk Skinny channel driver for Cisco SCCP phones chanskinny.so incorrectly validates a length value in the packet header. An integer wrap-around leads to heap overwrite, and arbitrary remote code execution as root...
Multiple VoIP phones vulnerabilities
Buffer overflows in integrated HTTP server. Buffer overflow on large UDP datagrams...
FiWin SS28S Wi-Fi phones backdoor account
Phone has debug console with telnet access and hardcoded account 1 with password 1...
CVE-2005-4794
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager SESM allows remote attackers to cause a denial of service crash or instability via a compressed DNS packet with a label length byte with an incorrect offset...
CVE-2005-4794
The CVE-2005-4794 issue affects Cisco devices listed in the Initial document: IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM). The vulnerability is a denial of service caused by processing a compressed DNS packet containing a label length by...
Design/Logic Flaw
The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and view phonebook...
CVE-2006-1366
Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service device shutdown, and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer aka FTP service on Bluetooth channel 9...
Motorola cellular phones multiple bluetooth vulnerabilities
Security dialog spoofing, buffer overflow...
155022006-nokia_n70.txt
Software affected Bluetooth Stack on Nokia cell phones Version Nokia N70 and maybe other models Impact Remote Denial of Service, cellular phones begin to be slower and then freeze after a short period within 30 seconds. Credits Pierre Betouin - [email protected] - Bug found with BSS new...
[ Secuobs - Advisory ] Bluetooth : DoS on Sony/Ericsson cell phones
Software affected Bluetooth Stack on Sony/Ericsson cell phones Version Sony/Ericsson K600i, V600i, W800i, T68i and certainly other models Impact Bluetooth Stack Denial of Service may be more - may be a rootkit : - Phone DoS reboot or shutdown - White screen bug freeze sleeping Credits Pierre...