CVE-2007-5468
Cisco CallManager 5.1.1.3000-5 is vulnerable because it does not verify the Digest authentication header URI against the SIP Request URI. This allows remote attackers to use sniffed Digest credentials to place arbitrary calls or spoof caller ID (toll fraud and authentication forward attack). The ...