Page 16 of 93 results (0.010 seconds)

CVSS: 7.1EPSS: 5%CPEs: 2EXPL: 0

Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers. Cisco Unified IP Phone (también conocido como SIP phone) 7960G y 7940G con firmware P0S3-08-9-00 y posiblemente otras versiones anteriores a v8.10 permite a atacantes remotos causar denegación de servicio (reinicio del dispositivo) o posiblemente ejecutar código de su elección mediante un paquete de Protocolo de Transporte en Tiempo Real (RTP) con cabeceras mal formadas. • http://securityreason.com/securityalert/4917 http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7960g_7940g/firmware/sip/8_10/english/release/notes/796040sip_810.html http://www.securityfocus.com/archive/1/500059/100/0/threaded http://www.securityfocus.com/bid/33264 https://exchange.xforce.ibmcloud.com/vulnerabilities/47948 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks. Cisco Unified Wireless IP Phone 7921, cuando utiliza Protected Extensible Authentication Protocol (PEAP), no valida certificados de servidor, lo cual permite a los puntos de acceso inalámbricos remotos robar el resumen digital (hash) de contaseñas y dirigir ataques man-in-the-middle (MITM). • http://blogs.zdnet.com/security/?p=896 http://blogs.zdnet.com/security/?p=901 http://seclists.org/fulldisclosure/2008/Feb/0402.html http://seclists.org/fulldisclosure/2008/Feb/0449.html http://secunia.com/advisories/29082 http://securitytracker.com/id?1019494 http://www.securityfocus.com/bid/27935 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 2%CPEs: 18EXPL: 0

Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a long ICMP echo request (ping) packet. Los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en software empotrado (firmware) SCCP permiten a atacantes remotos provocar una denegación de servicio (reinicio) mediante un paquete de petición de eco ICMP (ping) grande. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019407 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40487 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0

The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request. El servidor HTTP en los telefonos Cisco Unified IP Phone 7935 y 7936 ejecutándose en un software empotrado (firmware) SCCP, permiten a atacantes remotos provocar una denegación de servicio (reinicio) mediante una solicitud HTTP manipulada. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019408 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40489 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 11%CPEs: 18EXPL: 0

Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data. Desbordamiento de búfer en los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en un software empotrado (firmware) SIP, puede que permita a atacantes remotos ejecutar código de su elección mediante un mensaje SIP con los datos MIME manipulados. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019409 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40492 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •