CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3321
https://notcve.org/view.php?id=CVE-2007-3321
21 Jun 2007 — The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware allows remote attackers to cause a denial of service (device reboot) via a flood of packets to the BOOTP port (68/udp). El Avaya 4602SW IP Phone (Model 4602D02A) con software empotrado (firmware) SIP 2.2.2 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (reinicio de los dispositivos) a través de una inundación de paquetes al puerto BOOTP (68/udp). • http://osvdb.org/38117 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3322
https://notcve.org/view.php?id=CVE-2007-3322
21 Jun 2007 — The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service (audio quality loss) via a flood of packets to the RTP port. El Avaya 4602 SW IP Phone (Model 4602D02A) con software empotrado (firmware) SIP 2.2.2 y versiones anteriores utiliza una media constante de número de puertos para las llamadas, lo que puede permitir a atacantes remotos provocar una denegación de servicio (pérdida de... • http://osvdb.org/38118 •
CVSS: 9.8EPSS: 39%CPEs: 37EXPL: 0CVE-2007-2374
https://notcve.org/view.php?id=CVE-2007-2374
30 Apr 2007 — Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source. Vulnerabilidad no especificada en Microsoft Windows 2000, XP, y Server 2003 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante vectores no especificados. NOTA: est... • http://osvdb.org/35637 •
CVSS: 9.3EPSS: 57%CPEs: 43EXPL: 11CVE-2007-1765 – Microsoft Windows Explorer - '.ANI' File Denial of Service
https://notcve.org/view.php?id=CVE-2007-1765
30 Mar 2007 — Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier. Una vulnerabilidad n... • https://www.exploit-db.com/exploits/3684 •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-1490
https://notcve.org/view.php?id=CVE-2007-1490
16 Mar 2007 — Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command injection"). Páginas web de mantenimiento no especificadas en Avaya S87XX, S8500, y S8300 versiones anteriores a CM 3.1.3, y Avaya SES permite a usuarios remotos autenticados ejecutar comandos de su elección mediante metacaracteres shell en vectores si especificar (también conocido ... • http://secunia.com/advisories/24434 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2007-1491
https://notcve.org/view.php?id=CVE-2007-1491
16 Mar 2007 — Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties. Apache Tomcat en Avaya S87XX, S8500, y S8300 versiones anteriores a CM 3.1.3, y Avaya SES permite conexiones de interfaces externas mediante el puerto 8009, que lo expone a ataques de fuentes externas. • http://secunia.com/advisories/24434 •
CVSS: 6.1EPSS: 0%CPEs: 16EXPL: 0CVE-2007-1367
https://notcve.org/view.php?id=CVE-2007-1367
09 Mar 2007 — Cross-site scripting (XSS) vulnerability in the login page in Avaya Communications Manager (CM) S87XX, S8500, and S8300 products before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Login field. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la página de autenticación de los productos Avaya Communications Manager (CM) S87XX, S8500 y S8300 anteriores al 3.1.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante el ... • http://secunia.com/advisories/24397 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2006-1058
https://notcve.org/view.php?id=CVE-2006-1058
04 Apr 2006 — BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables. BusyBox 1.1.1 no utiliza una "sal" cuando genera contraseñas, lo que facilita a usuarios locales adivinar contraseñas a partir de un fichero de contraseñas robado usando técnicas como tablas "rainbow". • http://bugs.busybox.net/view.php?id=604 • CWE-916: Use of Password Hash With Insufficient Computational Effort •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2006-0718
https://notcve.org/view.php?id=CVE-2006-0718
15 Feb 2006 — The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service (crash) via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://secunia.com/advisories/18836 •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2005-2762
https://notcve.org/view.php?id=CVE-2005-2762
31 Dec 2005 — Avaya VPNRemote before 4.2.33 stores credentials in cleartext in process memory, which allows attackers to obtain the VPN user's credentials. • http://support.avaya.com/elmodocs2/security/ASA-2005-230.pdf •