4 results (0.013 seconds)

CVSS: 5.0EPSS: 93%CPEs: 296EXPL: 2

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •

CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0

Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. • http://www.ciac.org/ciac/bulletins/p-060.shtml http://www.cisco.com/warp/public/707/cisco-sa-20041215-unity.shtml http://www.securityfocus.com/bid/11954 https://exchange.xforce.ibmcloud.com/vulnerabilities/18489 •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls. • http://www.cisco.com/warp/public/707/toll-fraud-pub.shtml http://www.iss.net/security_center/static/10282.php https://exchange.xforce.ibmcloud.com/vulnerabilities/44545 •

CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 0

The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in the predefined restriction tables, which could allow authenticated users to place international calls using call forwarding. La configuración por defecto de Cisco Unity 2.x y 3.x no bloquea llamadas internacioneles con operados, lo que podría permitir a usuarios autenticados hacer llamadas internacionales usando desvío (forwarding) de llamadas. • http://www.cisco.com/warp/public/707/toll-fraud-pub.shtml http://www.iss.net/security_center/static/10282.php http://www.securityfocus.com/bid/5896 •