Avaya Communication Manager Multiple Security Vulnerabilities

Avaya Communication Manager Multiple Security Vulnerabilities

References:

Avaya Homepage (Avaya Inc.)
Communication Manager System Log Viewer Arbitrary Command Execution (VoIPshield)
Communication Manager View/Restore Data Credential Privilege Elevation (VoIPshield)
SIP Enablement Service View/Restore Data Configuration Privilege Elevation (VoIPshield)
SIP Enablement Service View/Restore Data Credential Privilege Elevation (VoIPshield)
SIP Enablement Service View/Restore Data Local Configuration Arbitrary Command E (VoIPshield)
SIP Enablement Service Web Interface Application Server Configuration Disclosure (VoIPshield)
SIP Enablement Service Web Interface Certificate Utility Disclosure (VoIPshield)
SIP Enablement Service Web Interface Database Password Decryption Utility Disclo (VoIPshield)
SIP Enablement Service Web Interface Database Server Configuration Disclosure (VoIPshield)
SIP Enablement Service Web Interface Default Application Execution (VoIPshield)
SIP Enablement Service Web Interface Objects Folder Script Execution (VoIPshield)
SIP Enablement Service Web Interface Password Decryption Utility Disclosure (VoIPshield)
SIP Enablement Service Web Interface Password Encryption Utility Disclosure (VoIPshield)
SIP Enablement Service Web Interface Server Configuration Information Applicatio (VoIPshield)
SIP Enablement Service Web Interface States Folder Script Execution (VoIPshield)
SIP Enablement Service Web Interface Unrestricted Help Access (VoIPshield)
ASA-2008-268 Input Validation and Unauthorized Access Vulnerabilities in Avaya S (Avaya)
ASA-2008-270 Additional Input Validation Vulnerabilities in Avaya Communication (Avaya)