[Full-disclosure] (0-Day) PolyCom IP-301 VoIP Desktop Phone HTTP server DoS and undocumented TCP port 42

Title: PolyCom IP-301 VoIP Desktop Phone HTTP server DoS and undocumented TCP port 42 Version: 1.4.1.0040 Issues: 1.Phone reboots from the Nessus httpfingerprintinghmap.nasl script. 2.Phone reboots from a long URL sent to the HTTP daemon 3.Undocumented open port TCP/42 returns “Halt! Who goes...

Polycom ViaVideo denial of service

The remote web server locks up when several incomplete web requests are sent and the connections are kept open. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2002-1905

Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service crash via a long HTTP GET request...

CVE-2002-1906

The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service CPU consumption by sending incomplete HTTP requests and leaving the connections open...

CVE-2002-1906

The CVE-2002-1906 issue affects Polycom ViaVideo web server versions 2.2 and 3.0. The vulnerability is a denial-of-service caused by remote attackers sending incomplete HTTP requests and keeping connections open, which leads to CPU consumption/lockups. The available connected sources (OpenVAS NAS...

CVE-2002-1905

CVE-2002-1905 describes a buffer overflow in the Polycom ViaVideo web server (versions 2.2 and 3.0) that can be triggered by a long HTTP GET request, leading to remote denial of service (crash). Affected software: Polycom ViaVideo web server (2.2, 3.0). Root cause: improper handling of long HTTP ...

CVE-2002-0627

The CVE-2002-0627 issue concerns the Polycom ViewStation Web server prior to version 7.2.4, where authentication can be bypassed and files read through Unicode-encoded requests. The affected component is the ViewStation web server; the underlying cause is a flaw that permits bypassing access cont...

CVE-2002-0630

The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service crash via long or malformed ICMP packets...

CVE-2002-0627

The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests...

CVE-2002-0630

The CVE-2002-0630 entry documents a vulnerability in the Telnet service of Polycom ViewStation, affected when running versions before 7.2.4. The issue allows remote attackers to cause a crash (denial of service) via long or malformed ICMP packets. No exploitation details or explicit remediation a...

Polycom ViaVideo Web Server Incomplete HTTP Connection Saturation Remote DoS

The remote web server locks up when several incomplete web requests are sent and the connections are kept open. Some servers e.g. Polycom ViaVideo even run an endless loop, using much CPU on the machine. Nessus has no way to test this, but you'd better check your machine. C Tenable Network...

CVE-2003-0556

Polycom MGC 25 allows remote attackers to cause a denial of service crash via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester...

CVE-2003-0556

Polycom MGC 25 allows remote attackers to cause a denial of service crash via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester...

CVE-2003-0556

Polycom MGC 25 is affected by CVE-2003-0556, where a remote attacker can cause a denial of service (crash) by sending a large number of requests to control port 5003, demonstrated with the blast TCP stress tester. The issue is tied to the MGC 25’s handling of control-port requests; no patch/mitig...

DoS - Polycom MGC 25 Control Port

------------------------------------------------------------------ - EXPL-A-2003-014 exploitlabs.com Advisory 014 ------------------------------------------------------------------ -= Polycom MGC25 =- Nutcase July 12, 2003 Vunerabilitys: ---------------- Denial of Service Product: -------- Polyco...

Polycom MGC 25 DoS

Large amount of data to control port cause control service to hang...

CVE-2002-0627

The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests...

CVE-2002-0629

The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service crash via multiple connections to the server...

CVE-2002-0628

The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack...

CVE-2002-0630

The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service crash via long or malformed ICMP packets...