Executive Summary
| Summary | |
|---|---|
| Title | Cisco Unified IP Phone Overflow and Denial of Service Vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20080213-phone | First vendor Publication | 2007-09-12 |
| Vendor | Cisco | Last vendor Modification | 2008-02-13 |
| Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cisco Unified IP Phone models contain multiple overflow and denial of service (DoS) vulnerabilities. There are workarounds for several of these vulnerabilities. Cisco has made free software available to address this issue for affected customers. |
Original Source
| Url : http://www.cisco.com/warp/public/707/cisco-sa-20080213-phone.shtml |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 67 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 33 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 | |
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 41569 | Cisco Unified IP Phone Large ICMP Echo Packet DoS Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a long ICMP echo request (ping) packet. |
| 41568 | Cisco Unified IP Phone HTTP Server Malformed Request DoS The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request. |
| 41566 | Cisco Unified IP Phone MIME Encoded Data Handling Overflow Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data. |
| 41564 | Cisco Unified IP Phone Telnet Server Overflow Buffer overflow in the telnet server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G running SCCP firmware might allow remote authenticated users to execute arbitrary code via a crafted command. |
| 41563 | Cisco Unified IP Phone DNS Response Handling Overflow Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP and SIP firmware might allow remote attackers to execute arbitrary code via a crafted DNS response. |
| 41562 | Cisco Unified IP Phone SIP Proxy Challenge/Response Overflow Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote SIP servers to execute arbitrary code via a crafted challenge/response message. |
| 8137 | Dropbear SSH Server DSS Verification Failure Remote Privilege Escalation Dropbear contains a flaw related to uninitialised variables in the DSS (Digital Signature Standard) verification code. No further details have been provided. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2004-08-09 | Name : Arbitrary code may be run on the remote host. File : dropbear_ssh.nasl - Type : ACT_GATHER_INFO |
