CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0CVE-2007-3320
https://notcve.org/view.php?id=CVE-2007-3320
The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact. El Avaya 4602SW IP Phone (Model 4602D02A) con software empotrado (firmware) SIP 2.2.2 y versiones anteriores acepta peticiones SIP INVITE desde direcciones IP origen arbitrarias, lo que permite a atacantes remotos tener un impacto desconocido. • http://osvdb.org/38116 http://secunia.com/advisories/25747 http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm http://www.securityfocus.com/bid/24544 http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=300& https://exchange.xforce.ibmcloud.com/vulnerabilities/34971 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3322
https://notcve.org/view.php?id=CVE-2007-3322
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service (audio quality loss) via a flood of packets to the RTP port. El Avaya 4602 SW IP Phone (Model 4602D02A) con software empotrado (firmware) SIP 2.2.2 y versiones anteriores utiliza una media constante de número de puertos para las llamadas, lo que puede permitir a atacantes remotos provocar una denegación de servicio (pérdida de calidad de sonido) a través de una inundación de paquetes al puerto RTP. • http://osvdb.org/38118 http://secunia.com/advisories/25747 http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=302& https://exchange.xforce.ibmcloud.com/vulnerabilities/34968 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3319
https://notcve.org/view.php?id=CVE-2007-3319
The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications. El Avaya 4602SW IP Phone (Model 4602D02A) con software empotrado (firmware) 2.2.2 y versiones anteriores no utiliza el parámetro cnonce en la cabecera de autorización de las peticiones SIP durante la autenticación resumida MD5, lo que permite a atacantes remotos llevar a cabo ataques de "hombre en medio" (man-in-the-middle) y secuestrar o interceptar comunicaciones. • http://osvdb.org/38115 http://secunia.com/advisories/25747 http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm http://www.securityfocus.com/bid/24539 http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=299& https://exchange.xforce.ibmcloud.com/vulnerabilities/34972 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3321
https://notcve.org/view.php?id=CVE-2007-3321
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware allows remote attackers to cause a denial of service (device reboot) via a flood of packets to the BOOTP port (68/udp). El Avaya 4602SW IP Phone (Model 4602D02A) con software empotrado (firmware) SIP 2.2.2 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (reinicio de los dispositivos) a través de una inundación de paquetes al puerto BOOTP (68/udp). • http://osvdb.org/38117 http://secunia.com/advisories/25747 http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=301& https://exchange.xforce.ibmcloud.com/vulnerabilities/34970 •