Vulnerabilites related to cisco - ip_phone_7940
cve-2003-1109
Vulnerability from cvelistv5
Published
2005-03-11 05:00
Modified
2024-08-08 02:12
Severity ?
EPSS score ?
Summary
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ | x_refsource_MISC | |
| http://www.securitytracker.com/id?1006145 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1006144 | vdb-entry, x_refsource_SECTRACK | |
| http://www.kb.cert.org/vuls/id/528719 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.cert.org/advisories/CA-2003-06.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/6904 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11379 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1006143 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:36.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"name": "1006145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006145"
},
{
"name": "20030221 Multiple Product Vulnerabilities Found by PROTOS SIP Test Suite",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml"
},
{
"name": "1006144",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006144"
},
{
"name": "VU#528719",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"name": "CA-2003-06",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"name": "6904",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6904"
},
{
"name": "sip-invite(11379)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
},
{
"name": "1006143",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006143"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"name": "1006145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006145"
},
{
"name": "20030221 Multiple Product Vulnerabilities Found by PROTOS SIP Test Suite",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml"
},
{
"name": "1006144",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006144"
},
{
"name": "VU#528719",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"name": "CA-2003-06",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"name": "6904",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6904"
},
{
"name": "sip-invite(11379)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
},
{
"name": "1006143",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006143"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/",
"refsource": "MISC",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"name": "1006145",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006145"
},
{
"name": "20030221 Multiple Product Vulnerabilities Found by PROTOS SIP Test Suite",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml"
},
{
"name": "1006144",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006144"
},
{
"name": "VU#528719",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"name": "CA-2003-06",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"name": "6904",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6904"
},
{
"name": "sip-invite(11379)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
},
{
"name": "1006143",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006143"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1109",
"datePublished": "2005-03-11T05:00:00",
"dateReserved": "2005-03-11T00:00:00",
"dateUpdated": "2024-08-08T02:12:36.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5583
Vulnerability from cvelistv5
Published
2007-12-18 01:00
Modified
2024-08-07 15:39
Severity ?
EPSS score ?
Summary
Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service ("486 Busy" responses or device reboot) via a sequence of SIP INVITE transactions in which the Request-URI lacks a user name, a different vulnerability than CVE-2007-4459.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/26711 | vdb-entry, x_refsource_BID | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058932.html | mailing-list, x_refsource_FULLDISC | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058837.html | mailing-list, x_refsource_FULLDISC | |
| https://www.exploit-db.com/exploits/4692 | exploit, x_refsource_EXPLOIT-DB | |
| http://seclists.org/fulldisclosure/2007/Dec/0196.html | mailing-list, x_refsource_FULLDISC | |
| http://www.securitytracker.com/id?1019059 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/38853 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26711",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26711"
},
{
"name": "20071208 Cisco Phone 7940 remote DOS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058932.html"
},
{
"name": "20071205 Cisco Phone 7940 remote DOS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058837.html"
},
{
"name": "4692",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4692"
},
{
"name": "20071208 Re: Cisco Phone 7940 remote DOS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2007/Dec/0196.html"
},
{
"name": "1019059",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019059"
},
{
"name": "cisco-ipphone-invite-dos(38853)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38853"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service (\"486 Busy\" responses or device reboot) via a sequence of SIP INVITE transactions in which the Request-URI lacks a user name, a different vulnerability than CVE-2007-4459."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "26711",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26711"
},
{
"name": "20071208 Cisco Phone 7940 remote DOS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058932.html"
},
{
"name": "20071205 Cisco Phone 7940 remote DOS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058837.html"
},
{
"name": "4692",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4692"
},
{
"name": "20071208 Re: Cisco Phone 7940 remote DOS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2007/Dec/0196.html"
},
{
"name": "1019059",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019059"
},
{
"name": "cisco-ipphone-invite-dos(38853)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38853"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2007-5583",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service (\"486 Busy\" responses or device reboot) via a sequence of SIP INVITE transactions in which the Request-URI lacks a user name, a different vulnerability than CVE-2007-4459."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26711",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26711"
},
{
"name": "20071208 Cisco Phone 7940 remote DOS",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058932.html"
},
{
"name": "20071205 Cisco Phone 7940 remote DOS",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058837.html"
},
{
"name": "4692",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4692"
},
{
"name": "20071208 Re: Cisco Phone 7940 remote DOS",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2007/Dec/0196.html"
},
{
"name": "1019059",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019059"
},
{
"name": "cisco-ipphone-invite-dos(38853)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38853"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2007-5583",
"datePublished": "2007-12-18T01:00:00",
"dateReserved": "2007-10-19T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0179
Vulnerability from cvelistv5
Published
2006-01-11 21:00
Modified
2024-08-07 16:25
Severity ?
EPSS score ?
Summary
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24117 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/22469 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2006/0202 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml | vendor-advisory, x_refsource_CISCO | |
| http://securitytracker.com/id?1015488 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/18479 | third-party-advisory, x_refsource_SECUNIA | |
| http://downloads.securityfocus.com/vulnerabilities/exploits/cisco_ip7940_dos.pl | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/1411 | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/16200 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:34.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-ipphone-synflood-dos(24117)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24117"
},
{
"name": "22469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22469"
},
{
"name": "ADV-2006-0202",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0202"
},
{
"name": "20060113 Response to Cisco IP Phone 7940 DoS Exploit posted on milw0rm.com",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml"
},
{
"name": "1015488",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015488"
},
{
"name": "18479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18479"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/cisco_ip7940_dos.pl"
},
{
"name": "1411",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/1411"
},
{
"name": "16200",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16200"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cisco-ipphone-synflood-dos(24117)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24117"
},
{
"name": "22469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22469"
},
{
"name": "ADV-2006-0202",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0202"
},
{
"name": "20060113 Response to Cisco IP Phone 7940 DoS Exploit posted on milw0rm.com",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml"
},
{
"name": "1015488",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015488"
},
{
"name": "18479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18479"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/cisco_ip7940_dos.pl"
},
{
"name": "1411",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/1411"
},
{
"name": "16200",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16200"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-ipphone-synflood-dos(24117)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24117"
},
{
"name": "22469",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22469"
},
{
"name": "ADV-2006-0202",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0202"
},
{
"name": "20060113 Response to Cisco IP Phone 7940 DoS Exploit posted on milw0rm.com",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml"
},
{
"name": "1015488",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015488"
},
{
"name": "18479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18479"
},
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/cisco_ip7940_dos.pl",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/cisco_ip7940_dos.pl"
},
{
"name": "1411",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1411"
},
{
"name": "16200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16200"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0179",
"datePublished": "2006-01-11T21:00:00",
"dateReserved": "2006-01-11T00:00:00",
"dateUpdated": "2024-08-07T16:25:34.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-2181
Vulnerability from cvelistv5
Published
2005-07-10 04:00
Modified
2024-08-07 22:15
Severity ?
EPSS score ?
Summary
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/alerts/2005/Jul/1014406.html | vdb-entry, x_refsource_SECTRACK | |
| http://marc.info/?l=bugtraq&m=112067698624686&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/21260 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:15:37.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1014406",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/alerts/2005/Jul/1014406.html"
},
{
"name": "20050706 VoIP-Phones: Weakness in proccessing SIP-Notify-Messages",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112067698624686\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt"
},
{
"name": "sip-notify-message-spoof(21260)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21260"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the \"Messages waiting\" message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1014406",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/alerts/2005/Jul/1014406.html"
},
{
"name": "20050706 VoIP-Phones: Weakness in proccessing SIP-Notify-Messages",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112067698624686\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt"
},
{
"name": "sip-notify-message-spoof(21260)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21260"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2181",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the \"Messages waiting\" message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1014406",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/alerts/2005/Jul/1014406.html"
},
{
"name": "20050706 VoIP-Phones: Weakness in proccessing SIP-Notify-Messages",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112067698624686\u0026w=2"
},
{
"name": "http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt",
"refsource": "MISC",
"url": "http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt"
},
{
"name": "sip-notify-message-spoof(21260)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21260"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2181",
"datePublished": "2005-07-10T04:00:00",
"dateReserved": "2005-07-10T00:00:00",
"dateUpdated": "2024-08-07T22:15:37.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2006-01-11 21:03
Modified
2024-11-21 00:05
Severity ?
Summary
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_7940 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7940:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F39E4B-C895-42E2-A7A7-C7026D17BE0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80."
}
],
"id": "CVE-2006-0179",
"lastModified": "2024-11-21T00:05:50.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-11T21:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/cisco_ip7940_dos.pl"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18479"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1015488"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22469"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/16200"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0202"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24117"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/1411"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/cisco_ip7940_dos.pl"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1015488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-response-20060113-ip-phones.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/16200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/1411"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-07-11 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=112067698624686&w=2 | Mailing List | |
| cve@mitre.org | http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt | Broken Link, Vendor Advisory | |
| cve@mitre.org | http://www.securitytracker.com/alerts/2005/Jul/1014406.html | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/21260 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=112067698624686&w=2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/alerts/2005/Jul/1014406.html | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/21260 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_7940_firmware | - | |
| cisco | ip_phone_7940 | - | |
| cisco | ip_phone_7960_firmware | - | |
| cisco | ip_phone_7960 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7940_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D28EB68E-2F6D-4282-9498-2C2B9B5C8FB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7940:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5699B0-45CB-45DA-A52A-FA703DED2558",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7960_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE89E42C-CDC2-4504-9209-959412358487",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8A58AD-C791-4803-91FA-7E197612A3C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the \"Messages waiting\" message."
}
],
"id": "CVE-2005-2181",
"lastModified": "2024-11-20T23:58:58.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2005-07-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112067698624686\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/alerts/2005/Jul/1014406.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112067698624686\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/alerts/2005/Jul/1014406.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21260"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:46
Severity ?
Summary
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios | 12.2\(1\)xa | |
| cisco | ios | 12.2\(1\)xd | |
| cisco | ios | 12.2\(1\)xd1 | |
| cisco | ios | 12.2\(1\)xd3 | |
| cisco | ios | 12.2\(1\)xd4 | |
| cisco | ios | 12.2\(1\)xe | |
| cisco | ios | 12.2\(1\)xe2 | |
| cisco | ios | 12.2\(1\)xe3 | |
| cisco | ios | 12.2\(1\)xh | |
| cisco | ios | 12.2\(1\)xq | |
| cisco | ios | 12.2\(1\)xs | |
| cisco | ios | 12.2\(1\)xs1 | |
| cisco | ios | 12.2\(2\)t4 | |
| cisco | ios | 12.2\(2\)xa | |
| cisco | ios | 12.2\(2\)xa1 | |
| cisco | ios | 12.2\(2\)xa5 | |
| cisco | ios | 12.2\(2\)xb | |
| cisco | ios | 12.2\(2\)xb3 | |
| cisco | ios | 12.2\(2\)xb4 | |
| cisco | ios | 12.2\(2\)xf | |
| cisco | ios | 12.2\(2\)xg | |
| cisco | ios | 12.2\(2\)xh | |
| cisco | ios | 12.2\(2\)xh2 | |
| cisco | ios | 12.2\(2\)xh3 | |
| cisco | ios | 12.2\(2\)xi | |
| cisco | ios | 12.2\(2\)xi1 | |
| cisco | ios | 12.2\(2\)xi2 | |
| cisco | ios | 12.2\(2\)xj | |
| cisco | ios | 12.2\(2\)xj1 | |
| cisco | ios | 12.2\(2\)xk | |
| cisco | ios | 12.2\(2\)xk2 | |
| cisco | ios | 12.2\(2\)xn | |
| cisco | ios | 12.2\(2\)xt | |
| cisco | ios | 12.2\(2\)xt3 | |
| cisco | ios | 12.2\(2\)xu | |
| cisco | ios | 12.2\(2\)xu2 | |
| cisco | ios | 12.2\(11\)t | |
| cisco | ios | 12.2t | |
| cisco | ios | 12.2xa | |
| cisco | ios | 12.2xb | |
| cisco | ios | 12.2xc | |
| cisco | ios | 12.2xd | |
| cisco | ios | 12.2xe | |
| cisco | ios | 12.2xf | |
| cisco | ios | 12.2xg | |
| cisco | ios | 12.2xh | |
| cisco | ios | 12.2xi | |
| cisco | ios | 12.2xj | |
| cisco | ios | 12.2xk | |
| cisco | ios | 12.2xl | |
| cisco | ios | 12.2xm | |
| cisco | ios | 12.2xn | |
| cisco | ios | 12.2xq | |
| cisco | ios | 12.2xr | |
| cisco | ios | 12.2xs | |
| cisco | ios | 12.2xt | |
| cisco | ios | 12.2xw | |
| cisco | ip_phone_7940 | * | |
| cisco | ip_phone_7960 | * | |
| cisco | pix_firewall_software | 5.2\(1\) | |
| cisco | pix_firewall_software | 5.2\(2\) | |
| cisco | pix_firewall_software | 5.2\(3.210\) | |
| cisco | pix_firewall_software | 5.2\(5\) | |
| cisco | pix_firewall_software | 5.2\(6\) | |
| cisco | pix_firewall_software | 5.2\(7\) | |
| cisco | pix_firewall_software | 5.3 | |
| cisco | pix_firewall_software | 5.3\(1\) | |
| cisco | pix_firewall_software | 5.3\(1.200\) | |
| cisco | pix_firewall_software | 5.3\(2\) | |
| cisco | pix_firewall_software | 5.3\(3\) | |
| cisco | pix_firewall_software | 6.0 | |
| cisco | pix_firewall_software | 6.0\(1\) | |
| cisco | pix_firewall_software | 6.0\(2\) | |
| cisco | pix_firewall_software | 6.1\(2\) | |
| cisco | pix_firewall_software | 6.2\(1\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xa:*:*:*:*:*:*:*",
"matchCriteriaId": "915157AA-15BE-4792-95D8-4D1E1EF34EB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd:*:*:*:*:*:*:*",
"matchCriteriaId": "F38C9EE3-1A86-4930-AEF7-EAC3A2713DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd1:*:*:*:*:*:*:*",
"matchCriteriaId": "742CC70E-68FB-4658-A475-E7BBC5983878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd3:*:*:*:*:*:*:*",
"matchCriteriaId": "10CE5741-1569-4B69-B7F7-094F0C6101AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd4:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B4D71A-D418-4E6B-88F7-50833C00236C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xe:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD14702-51AC-46B1-95A3-4AD47A4DCD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xe2:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA8E55E-7E11-4D46-A1BC-B3655906FDF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xe3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E16ED18-4EB6-40D5-A857-6398A78693D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xh:*:*:*:*:*:*:*",
"matchCriteriaId": "979D4077-A3CB-4134-B180-EF10F01413BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xq:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C96C90-8B2D-4A88-A4B8-FA43332BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xs:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9B3920-D3F1-478F-ADE9-6022763E8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xs1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC9CF50-E0F7-4513-B7EB-A2E095D3E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A3E8C4-0E94-4027-ABDE-47A364071D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xa:*:*:*:*:*:*:*",
"matchCriteriaId": "07398411-7920-4B52-92C8-3696F49370B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xa1:*:*:*:*:*:*:*",
"matchCriteriaId": "371FA715-3966-4071-961F-12E691608DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xa5:*:*:*:*:*:*:*",
"matchCriteriaId": "3E2713E8-3E4B-4C60-9ABD-01B962A85A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb:*:*:*:*:*:*:*",
"matchCriteriaId": "5400D72E-CD49-41E7-BA47-33E3AB920320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A44418C-C041-4A98-9D1F-1E7510B9AD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb4:*:*:*:*:*:*:*",
"matchCriteriaId": "474FA3DA-6967-48A6-AAB4-E7C382D3C942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xf:*:*:*:*:*:*:*",
"matchCriteriaId": "E319FE1E-8D75-4CA2-8EA9-C1C32C290891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xg:*:*:*:*:*:*:*",
"matchCriteriaId": "B82C4003-D2CD-4243-8A8D-B8A9B449D096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xh:*:*:*:*:*:*:*",
"matchCriteriaId": "29056463-CDD9-4399-964E-14BDBFF760A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xh2:*:*:*:*:*:*:*",
"matchCriteriaId": "259BD3FC-FFC5-44B7-8641-917A1BF2E98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xh3:*:*:*:*:*:*:*",
"matchCriteriaId": "34F414DF-19C3-42BC-B43D-5CF60A3C0991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xi:*:*:*:*:*:*:*",
"matchCriteriaId": "E32D7BFD-EC96-464D-81CB-E9CC12C21EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xi1:*:*:*:*:*:*:*",
"matchCriteriaId": "32421120-BCA2-4218-8CB3-C77452A69295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xi2:*:*:*:*:*:*:*",
"matchCriteriaId": "B03537E8-D899-44D5-976D-A6E10FF16FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xj:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4C67B0-81D3-4430-A9F7-6F15C601693E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xj1:*:*:*:*:*:*:*",
"matchCriteriaId": "520E6B5D-C163-4633-A2DC-D02335838FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xk:*:*:*:*:*:*:*",
"matchCriteriaId": "BA145839-3DC4-41C4-96B7-88B8EE87D70E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xk2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC95C37-9102-45C7-813A-15A0ACFF5D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xn:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8D649D-474E-4661-A68E-517EA3563CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xt:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FEB158-215B-4C9D-8882-D44EE7F90B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xt3:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BD8E31-5117-4E79-92A4-5FF08BC8BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xu:*:*:*:*:*:*:*",
"matchCriteriaId": "274DF264-D0DE-46DC-A91F-DD53ACE06AAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xu2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC678F0D-4307-48B9-8C29-9E85DB756809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "92A9D069-4C88-4BE1-92E3-8A7056DD8825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*",
"matchCriteriaId": "84900BB3-B49F-448A-9E04-FE423FBCCC4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xa:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC6758B-C6EE-45CB-AC2D-28C4AE709DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xb:*:*:*:*:*:*:*",
"matchCriteriaId": "075CD42D-070A-49BA-90D9-E7925BB41A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xc:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB9967A-1EBD-4BE0-8651-1C7D42B2BF4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xd:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB8E66C-A16F-4CC5-9FDF-AE274FF035EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xe:*:*:*:*:*:*:*",
"matchCriteriaId": "746DDC61-3981-4E93-A7EE-C120E0265485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xf:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC88CC5-CF58-48A3-AFB6-FD38E5F40845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xg:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF2C6C2-58E8-4EA6-84FB-4D11F31490A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xh:*:*:*:*:*:*:*",
"matchCriteriaId": "4628FDA0-4260-4493-92C9-4574E5EC06A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xi:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FA064A-6E1A-4415-84D4-1A33FF667011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xj:*:*:*:*:*:*:*",
"matchCriteriaId": "EE896909-F8C3-4723-B5E7-9FB5FA2B73B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xk:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9CDCE5-F6D3-4FA3-ADA0-EED2517FF7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xl:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03EE34-C398-43B4-A529-BE7BAFA4B3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xm:*:*:*:*:*:*:*",
"matchCriteriaId": "21147732-FA22-4728-B5F2-D115B78A8EDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xn:*:*:*:*:*:*:*",
"matchCriteriaId": "4D717498-4DF9-4D15-A25B-D777FF460E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xq:*:*:*:*:*:*:*",
"matchCriteriaId": "4B40548F-3914-4227-9E4C-F1B34071C069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xr:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C23EC9-C1C6-4F73-9FF5-24A5B97B8D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xs:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE49281-0571-49F7-95FF-68B1ACA07537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xt:*:*:*:*:*:*:*",
"matchCriteriaId": "9B09B72E-6862-4115-9A0B-574089A94289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xw:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5C90EE-A9C0-461C-9E89-732BFA9BD066",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7940:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F39E4B-C895-42E2-A7A7-C7026D17BE0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7960:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E77332-1288-409C-8A5F-435E4A866EF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "626E41D2-A5EF-493D-9486-3D9BC3793EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EBA31E4D-2215-4E4A-BCCC-B3D922CB752D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(3.210\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F16AD2C-1CC1-43D9-A944-F67071B62E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A42FFBF7-9ADB-4F14-BED8-F2E53BEE7B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "25D16481-CA9A-4B4D-AC9D-3A4F0387FF19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "56E4588E-6C1F-4720-8082-0EF299435CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ED24C763-7558-4AC0-AE10-FDA3D3078D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4CC85ED3-B598-4A87-A2B8-8D3B52ECC2F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1.200\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C84CE24E-4ED6-43D0-A234-FBD24D22A8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF84B9FE-7C6C-4578-A5A9-EF0D5EEEEC19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "72C3E2B4-3A36-44B5-90D3-1BF9FAD98579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite."
}
],
"id": "CVE-2003-1109",
"lastModified": "2024-11-20T23:46:22.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6904"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1006143"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1006144"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1006145"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1006143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1006144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1006145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-12-18 01:46
Modified
2024-11-21 00:38
Severity ?
Summary
Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service ("486 Busy" responses or device reboot) via a sequence of SIP INVITE transactions in which the Request-URI lacks a user name, a different vulnerability than CVE-2007-4459.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_7940 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7940:*:firmware_p0s3-08-7-00:*:*:*:*:*:*",
"matchCriteriaId": "59AC8379-88A8-455E-AE16-41FF4C42C4A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service (\"486 Busy\" responses or device reboot) via a sequence of SIP INVITE transactions in which the Request-URI lacks a user name, a different vulnerability than CVE-2007-4459."
},
{
"lang": "es",
"value": "Cisco IP Phone 7940 con firmware P0S3-08-7-00 permite a atacantes remotos provocar denegaci\u00f3n de servicio (respuesta \"486 busy\" o reinicio del dispositivo) a trav\u00e9s de una secuencia de transacciones SIP INVITE en los cuales la respuesta-URI carece de un nombre de usuario, una vulnerabilidad diferente que CVE-2007-4459."
}
],
"id": "CVE-2007-5583",
"lastModified": "2024-11-21T00:38:15.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-18T01:46:00.000",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058837.html"
},
{
"source": "psirt@cisco.com",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058932.html"
},
{
"source": "psirt@cisco.com",
"url": "http://seclists.org/fulldisclosure/2007/Dec/0196.html"
},
{
"source": "psirt@cisco.com",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/26711"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id?1019059"
},
{
"source": "psirt@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38853"
},
{
"source": "psirt@cisco.com",
"url": "https://www.exploit-db.com/exploits/4692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/058932.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2007/Dec/0196.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/26711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/4692"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}