75 matches found
EUVD-2005-2242
Malware in sbrugna...
EUVD-2005-2243
Malware in sbrugna...
EUVD-2007-5443
Malware in sbrugna...
EUVD-2007-4616
Malware in sbrugna...
EUVD-2007-4615
Malware in sbrugna...
EUVD-2005-2244
Malware in sbrugna...
EUVD-2005-2245
Malware in sbrugna...
EUVD-2006-0375
Malware in sbrugna...
EUVD-2006-0374
Malware in sbrugna...
EUVD-2002-0501
Malware in sbrugna...
CVE-2017-6624
CVE-2017-6624 affects Cisco IOS 15.5(3)M Software for Cisco CallManager Express (CME). The issue stems from a configuration restriction in the toll-fraud protections component, allowing an unauthenticated, remote attacker to place unauthorized long-distance calls via an affected system. Connected...
CVE-2006-2369
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server,...
Cisco CallManager 1.0/2.0/3.x/4.0 CTI Manager Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14251/info The CallManager CTI Manager service is susceptible to a remote denial of service vulnerability. This issue is documented in Cisco bug CSCee00116, which is available to Cisco customers. This issue may be exploit...
Cisco CallManager 3.x/4.x Web Interface ccmuser/logon.asp XSS
No description provided by source. source: http://www.securityfocus.com/bid/18504/info Cisco CallManager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the web-interface to properly sanitize user-supplied input. An attacker may leverage this issue to have...
CVE-2009-5040
CallManager Express CME on Cisco IOS before 15.01XA allows remote authenticated users to cause a denial of service device crash by using an extension mobility EM phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555...
Vulnerability in Cisco IOS Embedded Call Processing Solutions - Cisco Systems
Cisco Internetwork Operating System IOS Software release trains 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the Cisco IOS Telephony Service ITS, Cisco CallManager Express CME or Survivable Remote Site Telephony SRST may contain a vulnerability in processing certain malformed control protoc...
Cisco CallManager / Unified Communications Manager privilege escalation
During authentication process for address book synchronization, full access account credentials are leaked to client...
CiscoCallManager_sql_07_016.txt
Portcullis Security Advisory 07016 Vulnerable System: Cisco Unified CallManager Vulnerability Title: Multiple SQL Injections In User And Admin Interface Vulnerability discovery and development: Nico Leidecker of Portcullis Computer Security Ltd discovered this vulnerability. Further research was...
Authentication flaw
Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID aka "toll fraud and authentication...
Cisco CallManager / OpenSer authentication relaying attacks
Insufficient Digest authentication validation allows active man-in-the-middle to access resources unrequested by client...