CVE-2007-3319
The CVE-2007-3319 entry concerns the Avaya 4602SW IP Phone (Model 4602D02A) with SIP firmware 2.2.2 and earlier, which does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication. This omission allows remote attackers to perform man-in-the-middle...