CVE-2008-6706 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-6706
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-6706

Description: Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/43383 http://xforce.iss.net/xforce/xfdb/43382 http://xforce.iss.net/xforce/xfdb/43387 http://xforce.iss.net/xforce/xfdb/43388 SAID Secunia Advisory: SA30751 OSVDB 46602 MISC http://www.voipshield.com/research-details.php?id=85 http://www.voipshield.com/research-details.php?id=84 http://www.voipshield.com/research-details.php?id=83 http://www.voipshield.com/research-details.php?id=82 http://www.voipshield.com/research-details.php?id=81 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-268.htm BID 29939

Return to the previous page.