CVSS: 10.0EPSS: 11%CPEs: 18EXPL: 0CVE-2008-0530
https://notcve.org/view.php?id=CVE-2008-0530
15 Feb 2008 — Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP and SIP firmware might allow remote attackers to execute arbitrary code via a crafted DNS response. Desbordamiento de búfer en los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en los software empotrados (firmware) SCCP y SIP, puede que permitan a atacantes remotos ejecutar código de su elección mediante una respuesta de DNS manipulada. • http://secunia.com/advisories/28935 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 18EXPL: 0CVE-2008-0526
https://notcve.org/view.php?id=CVE-2008-0526
15 Feb 2008 — Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a long ICMP echo request (ping) packet. Los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en software empotrado (firmware) SCCP permiten a atacantes remotos provocar una denegación de servicio (reinicio) mediante un paquete de petición de eco ICMP (ping) grande. • http://secunia.com/advisories/28935 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0CVE-2008-0527
https://notcve.org/view.php?id=CVE-2008-0527
15 Feb 2008 — The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request. El servidor HTTP en los telefonos Cisco Unified IP Phone 7935 y 7936 ejecutándose en un software empotrado (firmware) SCCP, permiten a atacantes remotos provocar una denegación de servicio (reinicio) mediante una solicitud HTTP manipulada. • http://secunia.com/advisories/28935 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 3CVE-2007-5583 – Cisco Phone 7940 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-5583
18 Dec 2007 — Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service ("486 Busy" responses or device reboot) via a sequence of SIP INVITE transactions in which the Request-URI lacks a user name, a different vulnerability than CVE-2007-4459. Cisco IP Phone 7940 con firmware P0S3-08-7-00 permite a atacantes remotos provocar denegación de servicio (respuesta "486 busy" o reinicio del dispositivo) a través de una secuencia de transacciones SIP INVITE en los cuales la respuesta-URI... • https://www.exploit-db.com/exploits/4692 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6190
https://notcve.org/view.php?id=CVE-2007-6190
30 Nov 2007 — The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on the physical environment via a CiscoIPPhoneExecute message containing a URL attribute of an ExecuteItem element that specifies a Real-Time Transport Protocol (RTP) audio stream. El demonio HTTP en el teléfono Cisco Unified IPD Phone, cuando la funcionalidad de Movilidad de Extensión (Extension Mobility) está habi... • http://osvdb.org/40874 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2007-1072
https://notcve.org/view.php?id=CVE-2007-1072
22 Feb 2007 — The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063. El interfaz de linea de comando (CLI) en Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G, con firmware 8.0(4)SR1 y anteriores permite a usuarios locales obtener privilegios o provocar denegación de... • http://osvdb.org/33064 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 2%CPEs: 12EXPL: 0CVE-2007-1063
https://notcve.org/view.php?id=CVE-2007-1063
22 Feb 2007 — The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device. El servidor SSH en Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G, con firmware 8.0(4)SR1 y anteriores, utiliza un nombre de usuario y contraseña fuertemente codificada, lo cual permite a atacantes remotos acceder al dispositivo. • http://osvdb.org/45246 • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 4CVE-2006-0179 – Cisco IP Phone 7940 - Reboot (Denial of Service)
https://notcve.org/view.php?id=CVE-2006-0179
11 Jan 2006 — The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80. • https://www.exploit-db.com/exploits/1411 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0CVE-2005-4794
https://notcve.org/view.php?id=CVE-2005-4794
31 Dec 2005 — Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. • http://secunia.com/advisories/15472 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3804
https://notcve.org/view.php?id=CVE-2005-3804
24 Nov 2005 — Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support a VxWorks debugger, which allows remote attackers to obtain sensitive information and cause a denial of service. Cisco IP Phone (VoIP) 7920 1.0(8) escucha en el puerto UDP 17185 para soportar el depurador VxWorks, lo que permite a atacantes remotos obtener información sensible y causar una denegación de servicio. • http://secunia.com/advisories/17604 •