Multiple Vendor VoIP Phones Spoofed SIP Status Message Handling Weakness

Bugtraq ID: 14174
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Jul 06 2005 12:00AM
Updated: Jul 06 2005 12:00AM
Credit: Discovery is credited to Tobias Glemser <tglemser@tele-consulting.com>. Javor Ninov <drfrancky@securax.org> reported that this issue affects ZyXEL.
Vulnerable: ZyXEL Prestige 2000W VoIP Wi-Fi Phone
ZyXEL Prestige 2000W
Grandstream BudgeTone 100
Cisco VoIP Phone CP-7960 3.2
Cisco VoIP Phone CP-7960 3.1
Cisco VoIP Phone CP-7960 3.0
Cisco VoIP Phone CP-7940 3.2
Cisco VoIP Phone CP-7940 3.1
Cisco VoIP Phone CP-7940 3.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus