Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5791

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-5791
Last Modified 15 Nov 2008 02:02:13
Published 01 Nov 2007 12:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5791

Summary

The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as demonstrated by a flood of messages triggering a denial of service, and by phone calls with malicious content.

Vulnerable Systems


References

XF - vonage-motorola-invite-weak-security(37420)

XF - vonage-motorola-invite-dos(37416)

MISC - http://www.sipera.com/index.php?action=resources,threat_advisory&tid=360

MISC - http://www.sipera.com/index.php?action=resources,threat_advisory&tid=357

BID - 26129

SECUNIA - 27380

OSVDB - 38525

OSVDB - 38524


Last Updated: 27 May 2016 10:46:16