Computer Security
[EN] securityvulns.ru no-pyccku


Multiple phone systems unauthorized voice mail access
Published:11.04.2007
Source:
SecurityVulns ID:7565
Type:remote
Threat Level:
5/10
Description:Spoofable Caller ID (CNID) is used for access authentication.
CVE:CVE-2007-1823 (T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).)
 CVE-2007-1822 (Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).)
 CVE-2007-1821 (Sprint Nextel Sprint voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).)
 CVE-2007-1820 (Nortel Networks CallPilot and Meridian Mail voicemail systems, when a mailbox has auto logon enabled, allow remote attackers to retrieve or remove messages, or reconfigure the mailbox, by spoofing Calling Number Identification (CNID, aka Caller ID).)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod