Cisco IP Phones unauthorized access

| Published: | 21.02.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7275 |
| Type: | remote |
| Level: | 7/10 |
| Description: | It is possible to access the web interface without a password. There is a built-in hard-coded user account with SSH access. |
| Affected: | CISCO : Cisco Unified IP Conference Station 7935 |
| | CISCO : Cisco Unified IP Conference Station 7936 |
| | CISCO : Cisco Unified IP Phone 7906G |
| | CISCO : Cisco Unified IP Phone 7911G |
| | CISCO : Cisco Unified IP Phone 7941G |
| | CISCO : Cisco Unified IP Phone 7961G |
| | CISCO : Cisco Unified IP Phone 7970G |
| | CISCO : Cisco Unified IP Phone 7971G |
| CVE: | CVE-2007-1072 (The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.) |
| | CVE-2007-1063 (The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.) |
| | CVE-2007-1062 (The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and Station 7936 3.3(12) and earlier does not properly handle administrator HTTP sessions, which allows remote attackers to bypass authentication controls via a direct URL request to the administrative HTTP interface for a limited time) |