22 matches found
EUVD-2007-3310
Malware in sbrugna...
EUVD-2007-3309
Malware in sbrugna...
EUVD-2008-0541
Malware in sbrugna...
EUVD-2007-3311
Malware in sbrugna...
EUVD-2008-0538
Malware in sbrugna...
Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22191/info Multiple VoIP phones using the Aredfox PA168 Chipset are prone to a session-hijacking vulnerability due to a design error. An attacker can exploit this issue to gain administrative access to the embedded...
CVE-2008-0531
Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote SIP servers to execute arbitrary code via a crafted challenge/response message...
Buffer overflow
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data...
CVE-2008-0528
CVE-2008-0528 concerns Cisco Unified IP Phone models 7940/7940G/7960/7960G with SIP firmware. A buffer overflow occurs in the handling of SIP MIME boundary data, allowing a remote attacker to potentially execute arbitrary code via a crafted SIP message. Cisco’s advisory fixes SIP MIME boundary ov...
CVE-2008-0528
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data...
Code injection
The Avaya 4602SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact...
Design/Logic Flaw
The Avaya 4602 SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware allows remote attackers to cause a denial of service device reboot via a flood of packets to the BOOTP port 68/udp...
CVE-2007-3322
The Avaya 4602 SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service audio quality loss via a flood of packets to the RTP port...
Authorization
The Avaya 4602SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications...
CVE-2007-3319
The CVE-2007-3319 entry concerns the Avaya 4602SW IP Phone (Model 4602D02A) with SIP firmware 2.2.2 and earlier, which does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication. This omission allows remote attackers to perform man-in-the-middle...
CVE-2007-3322
The CVE concerns the Avaya 4602 SIP IP Phone (Model 4602D02A) running firmware version 2.2.2 and earlier. The vulnerability arises from using a constant media port for calls, which enables remote attackers to cause a denial of service (audio quality loss) by flooding the RTP port. The connected d...
CVE-2007-3320
Summary: CVE-2007-3320 affects the Avaya 4602SW IP Phone (Model 4602D02A) with SIP firmware 2.2.2 and earlier. The device accepts SIP INVITE requests from arbitrary source IP addresses, enabling remote attackers to cause an unspecified impact. The root cause is lack of source-IP filtering for INV...
CVE-2007-3319
The Avaya 4602SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications...
CVE-2007-3321
The Avaya 4602 SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware allows remote attackers to cause a denial of service device reboot via a flood of packets to the BOOTP port 68/udp...
CVE-2007-3322
The Avaya 4602 SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service audio quality loss via a flood of packets to the RTP port...