Xpressa@2.0.1 Security Vulnerabilities and Issues — Xpressa@2.0.1 CVE List

Lucene search

PingtelXpressa2.0.1

3 matches found

CVE•added 2005/06/28 4:0 a.m.•47 views

CVE-2002-1935

Pingtel Xpressa 1.2.5 through 2.0.1 uses predictable (1) Call-ID, (2) CSeq, and (3) "To" and "From" SIP URL values in a Session Identification Protocol (SIP) request, which allows remote attackers to avoid registering with the SIP registrar.

5CVSS7AI score0.00392EPSS

CVE•added 2005/06/28 4:0 a.m.•35 views

CVE-2002-1934

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 leaks sensitive information during boot-up, which allows attackers to obtain the MD5 hash of the Admin password, MD5 hash of the physical password, and other registration information.

5CVSS6.3AI score0.00408EPSS

CVE•added 2005/02/20 5:0 a.m.•34 views

CVE-2004-1680

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly triggering a buffer overflow.

5CVSS7AI score0.00998EPSS