10 matches found
EUVD-2014-2682
Malware in sbrugna...
EUVD-2014-2683
Malware in sbrugna...
CVE-2014-2650
Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface...
CVE-2014-2651
Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface...
Authentication flaw
Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface...
CVE-2014-2651
Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface...
Code injection
Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of 1 ConfigureCoreFile.sh, 2 Traceroute.sh, 3 apps.sh, 4 conversionjava2native.sh, 5 coreCompression.sh, 6...
CVE-2014-8421
Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of 1 ConfigureCoreFile.sh, 2 Traceroute.sh, 3 apps.sh, 4 conversionjava2native.sh, 5 coreCompression.sh, 6...
CVE-2014-8421
Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of 1 ConfigureCoreFile.sh, 2 Traceroute.sh, 3 apps.sh, 4 conversionjava2native.sh, 5 coreCompression.sh, 6...
Multiple Unify Product Information Disclosure Vulnerabilities
The Unify OpenStage 60 and others are IP telephones from Unify USA. An information disclosure vulnerability exists in multiple Unify products that stems from the program's failure to use a unique X.509 certificate and SSH host key. A remote attacker could use this vulnerability to conduct a...