Intrusion Prevention

Cisco.VoIP.Phone.Vuln

Description

This indicates an attempt to exploit denial of service and information disclosure vulnerabilities in the Cisco VoIP Phone system.
There are several vulnerabilities in Cisco IP Phone models 7910, 7940, and 7960 that may allow an attacker to cause the IP phone system to reboot, disrupting service for a short period, or to read memory information. They are caused by an input validation failure in the scripts "StreamStatistics" and "PortInformation". An attacker can send a specially crafted URL request to the "StreamStatistics" script with an invalid ID of more than 32768, causing a denial of service. A request to the "PortInformation" script with an invalid ID of more than 32768 makes it possible to read the contents of memory locations.
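The condition described above can be checked in HTTP request logs. The following detection sketch is an added example, not part of the signature or of Cisco's advisory. It assumes requests to the phones are recorded in common log format by a proxy or sensor and that the ID travels as a decimal number in the query string; the log lines are constructed.

```python
import re
from urllib.parse import urlsplit

# Script names and the ID threshold come from the advisory text above.
SCRIPTS = {"StreamStatistics", "PortInformation"}
MAX_VALID_ID = 32768

# Request line of a common/combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_requests(log_lines):
    """Return (script, id) for each request whose ID exceeds MAX_VALID_ID."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        script = url.path.rstrip("/").rsplit("/", 1)[-1]
        if script not in SCRIPTS:
            continue
        # Assumption: the ID is a decimal number somewhere in the query string.
        for num in re.findall(r"\d+", url.query):
            # Keep at most 18 significant digits so a huge number cannot
            # raise inside int(); the result still exceeds the threshold.
            value = int(num.lstrip("0")[:18] or "0")
            if value > MAX_VALID_ID:
                hits.append((script, value))
                break
    return hits

# Constructed sample lines (documentation addresses), not captured traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /StreamStatistics?1 HTTP/1.0" 200 512',
    '192.0.2.44 - - [01/Jan/2024:10:00:05 +0000] "GET /StreamStatistics?40000 HTTP/1.0" 200 0',
    '192.0.2.44 - - [01/Jan/2024:10:00:09 +0000] "GET /PortInformation?id=99999 HTTP/1.0" 200 2048',
    '192.0.2.10 - - [01/Jan/2024:10:00:12 +0000] "GET /PortInformation?32768 HTTP/1.0" 200 300',
    '192.0.2.10 - - [01/Jan/2024:10:00:15 +0000] "GET /index.html?70000 HTTP/1.0" 200 100',
]

if __name__ == "__main__":
    for script, value in suspicious_requests(SAMPLE_LOG):
        print(f"ALERT {script} id={value} exceeds {MAX_VALID_ID}")
```

An ID of exactly 32768 is not flagged, matching the "more than 32768" condition in the description.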

Affected Products

Cisco IP Phone (VoIP) models 7910, 7940, and 7960, versions 3.0 through 3.2.

Impact

Denial of Service.
Information disclosure.

Recommended Actions

Apply the patch according to the Cisco advisory: http://www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml

CVE References

CVE-2002-0882