|
|
CVE Reference: CVE-2007-0528 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-0528 |
|
|
Description: The admin web console implemented by the Centrality Communications (aka Aredfox) PA168 chipset and firmware 1.54 and earlier, as provided by various IP phones, does not require passwords or authentication tokens when using HTTP, which allows remote attackers to connect to existing superuser sessions and obtain sensitive information (passwords and configuration data). |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA23919 Secunia Advisory: SA23936 OSVDB 32966 MISC http://www.procheckup.com/Vulner_PR0614.php MILW0RM http://milw0rm.com/exploits/3189 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/457868/100/0/threaded |
|
| Return to the previous page. |
