RSS   Vulnerabilities for '4602sw ip phone'   RSS

2007-06-21
 
CVE-2007-3322

 

 
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service (audio quality loss) via a flood of packets to the RTP port.

 
 
CVE-2007-3321

 

 
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware allows remote attackers to cause a denial of service (device reboot) via a flood of packets to the BOOTP port (68/udp).

 
 
CVE-2007-3320

 

 
The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact.

 
 
CVE-2007-3319

 

 
The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications.

 

 >>> Vendor: Avaya 93 Products
Argent office
Libsafe
Cajun p550
Cajun p550r
Cajun p580
Cajun p880
Cajun p882
Cajun m770-atm
Cajun p130
Cajun p330
Predictive dialer system
Intuity audix
VSU
Converged communications server
S8300
S8500
S8700
Sg200
Sg203
Sg208
SG5
Ip600 media servers
Definity one media server
S8100
Modular messaging message storage server
Cvlan
Integrated management
Call management system server
S3400
Communication manager
Intuity audix lx
Mn100
Network routing
S8710
Interactive response
Ip office phone manager
Ip soft phone
Vpnremote
Wireless ap-3
Wireless ap-4
Wireless ap-5
Wireless ap-6
Wireless ap-7
Wireless ap-8
Tn2602ap ip media resource 320 circuit pack
Vsu 100
Vsu 10000
Vsu 2000
Vsu 7500
Csu 5000
Sip enablement services
Media server
One-x
4602sw ip phone
Voip handset
Message networking
Messaging storage server
Broadcast server
Secure access link gateway
Aura application server 5300
Ip office customer call reporter
Vsp operating system software
Ip office contact center
AURA
Aura orchestration designer
Orchestration designer
Ip office
Call management system supervisor
One-x communicator
Agent access
Aura conferencing standard edition
Basic call management system reporting desktop
Call management server supervisor
Callvisor asai lan
Computer telephony
Contact center express
Customer interaction express
Enterprise manager
Interaction center
Ip agent
Ip softphone
Network reporting
Octelaccess(r) server
Octeldesignertm
Operational analyst
Outbound contact management
Speech access
Unified communication center
Unified messenger (r)
Visual messenger tm
Visual vector client
Vpnmanagertm console
Web messenger


Copyright 2019, cxsecurity.com

 

Back to Top