Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Prion
Prionadded 2007/10/16 12:17 a.m.22 views

Authentication flaw

OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID aka "toll fraud and authentication forward attack". NOT...

5CVSS7.2AI score0.01062EPSS
Exploits0References7Affected Software1
NVD
NVDadded 2007/10/16 12:17 a.m.15 views

CVE-2007-5469

OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID aka "toll fraud and authentication forward attack". NOT...

5CVSS7AI score0.01062EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2007/10/16 12:0 a.m.3 views

PT-2007-6505 · Openser · Openser

Name of the Vulnerable Software and Affected Versions: OpenSER version 1.2.2 Description: The issue allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID, which can lead to toll fraud and authentication forward attacks. Thi...

5CVSS7.5AI score0.01062EPSS
Exploits0References9
Cvelist
Cvelistadded 2007/10/16 12:0 a.m.15 views

CVE-2007-5468

Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID aka "toll fraud and authentication...

7AI score0.00829EPSS
Exploits0References7
Cvelist
Cvelistadded 2007/10/16 12:0 a.m.15 views

CVE-2007-5469

OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID aka "toll fraud and authentication forward attack". NOT...

7AI score0.01062EPSS
Exploits0References7
CVE
CVEadded 2007/10/16 12:0 a.m.39 views

CVE-2007-5469

CVE-2007-5469 concerns OpenSER 1.2.2, where the system does not verify the Digest authentication header URI against the Request URI in SIP messages. This mismatch allows remote attackers to use sniffed Digest credentials to initiate calls to arbitrary telephone numbers or spoof caller ID (describ...

5CVSS7AI score0.01062EPSS
Exploits0References7Affected Software1
securityvulns
securityvulnsadded 2007/10/15 12:0 a.m.46 views

[Full-disclosure] CallManager and OpeSer toll fraud and authentication forward attack

MADYNES Security Advisory : SIP toll fraud and authentication forward attack Date of Discovery 5 May, 2007 Vendor1 Cisco was informed on 22 May 2007 Vendor 2 OpenSer, voice-systems was informed in 4 th October 2007 ID: KIPH11 Affected products CallManager: System version: 5.1.1.3000-5...

2.2AI score
Exploits0
Rows per page
Query Builder