Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6706

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-6706
Last Modified 19 Aug 2009 01:24:19
Published 10 Apr 2009 06:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6706

Summary

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."

Vulnerable Systems

Application

  • Avaya Communication Manager 3.1

  • Avaya Communication Manager 3.1.1

  • Avaya Communication Manager 3.1.2

  • Avaya Communication Manager 3.1.3

  • Avaya Communication Manager 3.1.4

  • Avaya Communication Manager 3.1.5

  • Avaya Sip Enablement Services 3.0

  • Avaya Sip Enablement Services 3.1

  • Avaya Sip Enablement Services 3.1.1

  • Avaya Sip Enablement Services 4.0


References

XF - avaya-ses-databaseserver-info-disclosure(43388)

XF - avaya-ses-databasepassword-info-disclosure(43387)

XF - avaya-ses-passwordencryption-info-disclosure(43383)

XF - avaya-ses-tablepasswords-info-disclosure(43382)

VUPEN - ADV-2008-1943

MISC - http://www.voipshield.com/research-details.php?id=85

MISC - http://www.voipshield.com/research-details.php?id=84

MISC - http://www.voipshield.com/research-details.php?id=83

MISC - http://www.voipshield.com/research-details.php?id=82

MISC - http://www.voipshield.com/research-details.php?id=81

BID - 29939

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-268.htm

SECUNIA - 30751

OSVDB - 46602


Last Updated: 27 May 2016 10:49:18