552 matches found
CVE-2005-3716
CVE-2005-3716 affects UTStarcom F1000 VOIP WIFI Phone (s2.0, VxWorks 5.5.1, WIND 2.6). The SNMP daemon uses hard-coded public credentials that cannot be changed, enabling attackers to obtain sensitive information. No exploit details are provided in the documents, and the impact is reported as par...
CVE-2005-3715
Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service...
CVE-2005-3715
CVE-2005-3715 affects Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839. The issue stems from the VxWorks debugger UDP port 17185 being left open without authentication, which in turn allows an attacker to access the phone OS, potentially obtain sensitive information, and cause a denial of ser...
CVE-2005-3717
CVE-2005-3717 documents a vulnerability in the telnet daemon of UTStarcom F1000 VOIP WIFI Phone (S2.0) running VxWorks 5.5.1 with kernel WIND 2.6. The issue arises from a default account with username "target" and password "password", enabling remote attackers to gain full system access. Public s...
CVE-2005-3718
Affected product: UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6. Vulnerability details: The device does not allow users to disable access to (1) SNMP or (2) rlogin on TCP 513, enabling remote attackers to trigger other vulnerabilities (e.g., CVE-2005-3716) or exe...
PT-2005-4471 · Wind River +1 · Vxworks +2
Name of the Vulnerable Software and Affected Versions: UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 Description: The issue concerns hard-coded public credentials in the SNMP daemon that cannot be changed, allowing attackers to obtain sensitive information...
[Full-disclosure] Senao SI-680H VoIP Wifi phone undocumented open port
I disclosed today the following vulnerability at the 32nd CSI conference in Washington, D.C. https://www.cmpevents.com/CSI32/a.asp?option=G&V=3&id=406438 Thanks, Shawn Merdinger =============================================================== VENDOR: Senao VENDOR NOTIFIED: 28 June, 2005 VENDOR...
[Full-disclosure] UTstarcom F1000 VoIP Wifi phone multiple vulnerabilities
I disclosed today the following vulnerabilities at the 32nd CSI conference in Washington, D.C. https://www.cmpevents.com/CSI32/a.asp?option=G&V=3&id=406438 Thanks, Shawn Merdinger =============================================================== VENDOR: UTStarcom VENDOR NOTIFIED: 27 June, 2005 via...
Senao SI-680H wirieless Wi-Fi VoIP phones unauthorized access
VxWorks debugger is available with UDP/17185...
Multiple Cisco 7920 wireless IP Phones vulnerabilities
Fixed SNMP read/write community is available, VxWorks debugger is available via UDP/7920 port...
vxworks ftpd buffer overflow Denial of Service
It was possible to make the remote host crash by issuing this FTP command : CEL aaaa...aaaa This problem is similar to the 'aix ftpd' overflow but on embedded vxworks based systems like the 3com nbx IP phone call manager and seems to cause the server to crash. OpenVAS Vulnerability Test $Id:...
3Com NBX VoIP NetSet Detection
We have discovered that 3Com NBX VOIP NetSet is running on the remote host. 3Com NBX VoIP NetSet's web server is powered by VxWorks. The web server is known to contain vulnerabilities that would allow a remote attacker to cause a denial of service against the product by simply running a port...
vxworks ftpd buffer overflow
It might be possible to make the remote FTP server crash by issuing this command : CEL aaaa...aaaa This problem is similar to the 'aix ftpd' overflow but on embedded vxworks based systems like the 3com nbx IP phone call manager and seems to cause the server to crash. Note that OpenVAS solely reli...
vxworks ftpd buffer overflow Denial of Service
It was possible to make the remote host crash by issuing a FTP command. SPDX-FileCopyrightText: 2002 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
3Com NBX VoIP NetSet Detection (HTTP)
We have discovered that 3Com NBX VOIP NetSet is running on the remote host. 3Com NBX VoIP NetSet SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
vxworks ftpd buffer overflow
It might be possible to make the remote FTP server crash by issuing this command : CEL aaaa...aaaa This problem is similar to the SPDX-FileCopyrightText: 2002 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Telnet Banner Reporting
This scripts reports the received banner of a Telnet service. SPDX-FileCopyrightText: 2005 SecuriTeam SPDX-FileCopyrightText: Reworked, improved and extended detection code and pattern since 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...
WindWeb <= 2.0 Malformed GET Request Remote DoS
The remote host appears to be running the WindWeb web server, which is found on embedded devices running Wind River Systems' VxWorks such as certain ADSL modems and routers. The version of WindWeb installed on the remote host is affected by a remote denial of service vulnerability when it receive...
CVE-2004-1680
The CVE-2004-1680 issue affects the Pingtel Xpressa handset (firmware 2.1.11.24) where application.cgi can be abused by remote authenticated users via a long HTTP GET request, potentially triggering a buffer overflow and causing a VxWorks OS crash (DoS). Connected sources confirm the vulnerabilit...
CVE-2004-0308
Unknown vulnerability in Cisco ONS 15327 before 4.13, ONS 15454 before 4.61, ONS 15454 SD before 4.13, and Cisco ONS15600 before 1.30 allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet connection to the VxWorks shell...