Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0529

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-0529
Last Modified 07 Mar 2011 10:04:51
Published 14 Feb 2008 09:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0529

Summary

Buffer overflow in the telnet server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G running SCCP firmware might allow remote authenticated users to execute arbitrary code via a crafted command.

Vulnerable Systems

Application

  • Cisco Session Initiation Protocol %28sip%29 Firmware

  • Cisco Skinny Client Control Protocol %28sccp%29 Firmware


References

CISCO - 20080213 Cisco Unified IP Phone Overflow and Denial of Service Vulnerabilities

XF - cisco-unifiedipphone-telnet-bo(40493)

VUPEN - ADV-2008-0543

SECTRACK - 1019410

BID - 27774

SECUNIA - 28935


Last Updated: 27 May 2016 10:46:50