CVE-2006-2166
https://notcve.org/view.php?id=CVE-2006-2166
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password. • http://secunia.com/advisories/19881 http://securitytracker.com/id?1016015 http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml http://www.osvdb.org/25165 http://www.securityfocus.com/bid/17775 http://www.vupen.com/english/advisories/2006/1613 https://exchange.xforce.ibmcloud.com/vulnerabilities/26165 •
CVE-2005-4794
https://notcve.org/view.php?id=CVE-2005-4794
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. • http://secunia.com/advisories/15472 http://securitytracker.com/id?1014043 http://securitytracker.com/id?1014044 http://securitytracker.com/id?1014045 http://securitytracker.com/id?1014046 http://securitytracker.com/id? •
CVE-2005-0356 – TCP TIMESTAMPS - Denial of Service
https://notcve.org/view.php?id=CVE-2005-0356
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •
CVE-2004-1322
https://notcve.org/view.php?id=CVE-2004-1322
Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. • http://www.ciac.org/ciac/bulletins/p-060.shtml http://www.cisco.com/warp/public/707/cisco-sa-20041215-unity.shtml http://www.securityfocus.com/bid/11954 https://exchange.xforce.ibmcloud.com/vulnerabilities/18489 •
CVE-2003-0983
https://notcve.org/view.php?id=CVE-2003-0983
Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network. Cisco Unitiy en servidores IBM es entregado con una configuración por defecto que debería haber sido deshabilitada por el fabricante, lo que permite a atacantes locales o remotos conducir actividades no autorizadas mediante una cuenta de usuario "bubba" local, o un puerto TCP 34571 abierto, o cuando un servidor DHCP local no está disponible, un servidor DHCP en la red de prueba del fabricante. • http://www.cisco.com/warp/public/707/cisco-sa-20031210-unity.shtml •