Lucene search
K

62 matches found

Cvelist
Cvelist
added 2005/02/20 5:0 a.m.24 views

CVE-2004-1680

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service VxWorks OS crash via a long HTTP GET request, possibly triggering a buffer overflow...

6.6AI score0.01875EPSS
Exploits1References4
CVE
CVE
added 2005/02/20 5:0 a.m.45 views

CVE-2004-1680

The CVE-2004-1680 issue affects the Pingtel Xpressa handset (firmware 2.1.11.24) where application.cgi can be abused by remote authenticated users via a long HTTP GET request, potentially triggering a buffer overflow and causing a VxWorks OS crash (DoS). Connected sources confirm the vulnerabilit...

5CVSS7AI score0.01875EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2004/09/14 12:0 a.m.41 views

Pingtel Xpressa DoS

DoS through web interface...

2.2AI score
Exploits0References1
securityvulns
securityvulns
added 2004/09/14 12:0 a.m.30 views

@stake advisory: Pingtel Xpressa Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Pingtel Xpressa Denial of Service Release Date: 09-13-2004 Device: Xpressa phone Model PX-1 Firmware: Core Apps: 2.1.11.24 Kernel: 2.1.11.24 Severity: An attacker can cause the phone to fai...

0.3AI score
Exploits0
NVD
NVD
added 2004/09/13 4:0 a.m.14 views

CVE-2004-1680

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service VxWorks OS crash via a long HTTP GET request, possibly triggering a buffer overflow...

5CVSS6.6AI score0.01875EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2004/09/13 12:0 a.m.16 views

Pingtel Xpressa 1.2.x/2.0/2.1 - Handset Remote Denial of Service

source: https://www.securityfocus.com/bid/11161/info Pingtel Xpressa handsets are reported prone to a remote denial of service vulnerability. The issue is reported to exist because of a lack of sufficient boundary checks performed on HTTP request data handled by the Xpressa administration web...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/09/13 12:0 a.m.14 views

Pingtel Xpressa 1.2.x2.02.1 - Handset Remote Denial of Service

Pingtel Xpressa 1.2.x2.02.1 - Handset Remote Denial of Service source: https://www.securityfocus.com/bid/11161/info Pingtel Xpressa handsets are reported prone to a remote denial of service vulnerability. The issue is reported to exist because of a lack of sufficient boundary checks performed on...

Exploits0
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.17 views

CVE-2002-0674

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication...

6.5AI score0.00378EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.18 views

CVE-2002-0673

The enrollment process for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to the phone to log out the current user and re-register the phone using MyPingtel Sign-In to gain remote access and perform unauthorized actions...

6.6AI score0.00345EPSS
Exploits0References3
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.21 views

CVE-2002-0668

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the Call Forwarding settings and hijack calls...

6.4AI score0.01326EPSS
Exploits0References4
CVE
CVE
added 2004/09/01 4:0 a.m.43 views

CVE-2002-0674

The CVE-2002-0674 entry concerns Pingtel xpressa SIP phones (software versions 1.2.5–1.2.7.4) that do not time out an inactive administrator session, potentially allowing another user to perform administrator actions if the original admin session isn’t explicitly ended. This mirrors the @stake ad...

7.2CVSS6.5AI score0.00378EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2004/09/01 4:0 a.m.50 views

CVE-2002-0672

The CVE-2002-0672 entry concerns Pingtel xpressa SIP phones (versions 1.2.5–1.2.7.4) where the administrator password is null due to a factory reset without authentication via the GUI. The linked advisory and CVE records detail multiple issues affecting PX-1 devices, including local/remote admini...

4.6CVSS6.6AI score0.00354EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2004/09/01 4:0 a.m.52 views

CVE-2002-0668

The CVE-2002-0668 issue affects Pingtel xpressa SIP phones (software versions 1.2.5–1.2.7.4). A web interface vulnerability allows an authenticated user to modify Call Forwarding settings, hijacking calls by redirecting them to another SIP URL or number. The root cause is exposure of administrati...

7.5CVSS6.4AI score0.01326EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2004/09/01 4:0 a.m.45 views

CVE-2002-0673

CVE-2002-0673 concerns Pingtel xpressa SIP phones (PX-1, software 1.2.5–1.2.7.4). The vulnerability enables attackers with physical access to log out the current user via the enrollment process and re-register the phone using MyPingtel Sign-In, gaining remote access and allowing unauthorized acti...

4.6CVSS6.6AI score0.00345EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.20 views

CVE-2002-0672

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null...

6.6AI score0.00354EPSS
Exploits0References3
CVE
CVE
added 2003/04/02 5:0 a.m.51 views

CVE-2002-0671

CVE-2002-0671 affects Pingtel xpressa SIP-based VoIP phones, versions 1.2.5–1.2.7.4. The issue arises when the device downloads applications from a web site without verifying their integrity, enabling remote attackers to install Trojan horse applications via DNS spoofing. The vulnerability is doc...

9.8CVSS6.6AI score0.01151EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.18 views

CVE-2002-0671

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing...

9.5AI score0.01151EPSS
Exploits0References4
NVD
NVD
added 2003/02/19 5:0 a.m.11 views

CVE-2002-0669

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of service by modifying the SIPAUTHENTICATESCHEME value to force authentication of incoming calls, which does not notify the user when an authentication failure occurs...

5CVSS6.7AI score0.01126EPSS
Exploits0References2
CVE
CVE
added 2003/02/11 5:0 a.m.42 views

CVE-2002-0669

The CVE-2002-0669 issue affects Pingtel xpressa SIP-based phones (versions 1.2.5–1.2.7.4). By changing SIP_AUTHENTICATE_SCHEME, an attacker can force authentication of incoming calls, causing a denial of service where neither caller nor callee is informed of the failure. The vulnerability stems f...

5CVSS6.7AI score0.01126EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2003/02/11 5:0 a.m.19 views

CVE-2002-0669

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of service by modifying the SIPAUTHENTICATESCHEME value to force authentication of incoming calls, which does not notify the user when an authentication failure occurs...

6.7AI score0.01126EPSS
Exploits0References2
Rows per page
Query Builder