Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4553

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-4553
Last Modified 07 Mar 2011 09:58:45
Published 27 Aug 2007 08:17:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4553

Summary

The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via an INVITE message with a Via header that contains a '/' (slash) instead of the required space following the SIP version number.

Vulnerable Systems


References

XF - thomson-sip-dos(36217)

VUPEN - ADV-2007-2988

FULLDISC - 20070823 DOS vulnerability on Thomson SIP phone ST 2030 using the VIA Header

SECTRACK - 1018603

BID - 25446

SREASON - 3075

SECUNIA - 26587


Last Updated: 27 May 2016 10:45:54