Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Sip enablement services'
2009-04-10
CVE-2008-6709
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restoring parameters."
CVE-2008-6708
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters."
CVE-2008-6707
The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the certificate installation utility, (2) unspecified scripts in the objects folder, (3) an "unnecessary default application," (4) unspecified scripts in the states folder, (5) an unspecified "default application" that lists server configuration, and (6) "full system help."
CVE-2008-6706
Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."
2008-08-25
CVE-2008-3778
CWE-264
The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of service (messaging outage) or gain privileges via an update request.
CVE-2008-3777
CWE-200
The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to obtain login credentials by reading these logs.
2007-03-16
CVE-2007-1491
Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.
>>>
Vendor:
Avaya
114
Products
Argent office
Libsafe
Cajun p550
Cajun p550r
Cajun p580
Cajun p880
Cajun p882
Cajun m770-atm
Cajun p130
Cajun p330
Predictive dialer system
Intuity audix
VSU
Converged communications server
S8300
S8500
S8700
Sg200
Sg203
Sg208
SG5
Ip600 media servers
Definity one media server
S8100
Modular messaging message storage server
Cvlan
Integrated management
Call management system server
S3400
Communication manager
Intuity audix lx
Mn100
Network routing
S8710
Interactive response
Enterprise manager
Control manager
Ip office phone manager
Ip soft phone
Vpnremote
Wireless ap-3
Wireless ap-4
Wireless ap-5
Wireless ap-6
Wireless ap-7
Wireless ap-8
Tn2602ap ip media resource 320 circuit pack
Vsu 100
Vsu 10000
Vsu 2000
Vsu 7500
Csu 5000
Sip enablement services
Media server
One-x
4602sw ip phone
Voip handset
Message networking
Messaging storage server
Broadcast server
Secure access link gateway
Aura application server 5300
Ip office customer call reporter
Vsp operating system software
Ip office contact center
AURA
Aura orchestration designer
Orchestration designer
Ip office
Call management system supervisor
One-x communicator
Agent access
Aura conferencing standard edition
Basic call management system reporting desktop
Call management server supervisor
Callvisor asai lan
Computer telephony
Contact center express
Customer interaction express
Interaction center
Ip agent
Ip softphone
Network reporting
Octelaccess(r) server
Octeldesignertm
Operational analyst
Outbound contact management
Speech access
Unified communication center
Unified messenger (r)
Visual messenger tm
Visual vector client
Vpnmanagertm console
Web messenger
Aura conferencing
Aura communication manager
Aura application enablement services
Aura communication manager messagint
Breeze platform
Call management system
See all Products for Vendor
Avaya
Copyright
2024
, cxsecurity.com
Back to Top