5 matches found
CVE-2005-3721
The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not require authentication for sensitive configuration pages, which allows remote attackers to modify configuration...
CVE-2005-3725
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, which could allow remote attackers to cause a denial of service or hijack Zyxel phones by attacking or spoofing the hardcoded DNS servers. NOTE: it could be argued that this issue reflects an inherent...
CVE-2005-3718
Affected product: UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6. Vulnerability details: The device does not allow users to disable access to (1) SNMP or (2) rlogin on TCP 513, enabling remote attackers to trigger other vulnerabilities (e.g., CVE-2005-3716) or exe...
CVE-2005-3721
CVE-2005-3721 concerns the Hitachi IP5000 VOIP WIFI Phone (firmware 1.5.6) where the HTTP server’s default configuration does not require authentication for sensitive configuration pages. This allows remote attackers to modify device configuration without credentials. The available references con...
PT-2005-4471 · Wind River +1 · Vxworks +2
Name of the Vulnerable Software and Affected Versions: UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 Description: The issue concerns hard-coded public credentials in the SNMP daemon that cannot be changed, allowing attackers to obtain sensitive information...