Avaya Call Management System (CMS) - Advisories by Product - Secunia Advisories - Vulnerability Information

This vulnerability report for Avaya Call Management System (CMS) contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Avaya Call Management System (CMS) then you are more than welcome to contact us.

Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)

2.1. Statistics for 2009

2.2. Statistics for 2008

2.3. Statistics for 2007

2.4. Statistics for 2006

2.5. Statistics for 2005

2.6. Statistics for 2004

2.7. Statistics for 2003

3. List of Secunia Advisories (All time)

3.1. List for 2009

3.2. List for 2008

3.3. List for 2007

3.4. List for 2006

3.5. List for 2005

3.6. List for 2004

3.7. List for 2003

4. Send Feedback

Vendor, Links, and Unpatched Vulnerabilities

Vendor	Avaya

Product Link	View Here (Link to external site)

Affected By	99 Secunia advisories 141 Vulnerabilities

Monitor Product	Receive alerts for this product

Unpatched	63% (62 of 99 Secunia advisories)

Most Critical Unpatched The most severe unpatched Secunia advisory affecting Avaya Call Management System (CMS), with all vendor patches applied, is rated Highly critical .

9 Secunia Advisories in 2005

Secunia has issued a total of 9 Secunia advisories in 2005 for Avaya Call Management System (CMS). Currently, 22% (2 out of 9) are marked as unpatched with the most severe being rated Less critical

More information about the specific Secunia advisories affecting Avaya Call Management System (CMS) can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.

Avaya CMS Solaris X11 Pixmap Creation Integer Overflow Vulnerability
Vendor Workaround. Secunia Advisory 1 of 9 in 2005. 8,256 views.

Release Date:
2005-10-19

Secunia Advisory ID:
SA17258

Solution Status:
Vendor Workaround

Criticality:

Impact:
Privilege escalation

Where:
Local system

Short Description:
Avaya has acknowledged a vulnerability in CMS, which potentially can be exploited by malicious, local users to gain escalated privileges. [Read More]

Avaya CMS / IR Solaris printd Daemon Arbitrary File Deletion
Partial Fix. Secunia Advisory 2 of 9 in 2005. 7,352 views.

Release Date:
2005-08-23

Secunia Advisory ID:
SA16546

Solution Status:
Partial Fix

Criticality:

Impact:
Manipulation of data

Where:
From local network

Short Description:
Avaya has acknowledged a vulnerability in CMS and IR, which can be exploited by malicious users to delete files on a vulnerable system. [Read More]

Avaya CMS / IR Solaris Runtime Linker Vulnerability
Unpatched. Secunia Advisory 3 of 9 in 2005. 6,436 views.

Release Date:
2005-08-02

Secunia Advisory ID:
SA16278

Solution Status:
Unpatched

Criticality:

Impact:
Privilege escalation

Where:
Local system

Short Description:
Avaya has acknowledged a vulnerability in CMS and IR, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Avaya CMS/IR lpadmin Arbitrary File Overwrite Vulnerability
Vendor Patch. Secunia Advisory 4 of 9 in 2005. 6,274 views.

Release Date:
2005-06-30

Secunia Advisory ID:
SA15877

Solution Status:
Vendor Patch

Criticality:

Impact:
Manipulation of data

Where:
Local system

Short Description:
Avaya has acknowledged a vulnerability in Avaya Call Management System (CMS) and Avaya Interactive Response (IR), which can be exploited by malicious, local users to overwrite arbitrary files on a vulnerable system. [Read More]

Avaya CMS FTP Daemon Wildcard Denial of Service
Vendor Workaround. Secunia Advisory 5 of 9 in 2005. 6,569 views.

Release Date:
2005-06-08

Secunia Advisory ID:
SA15624

Solution Status:
Vendor Workaround

Criticality:

Impact:
DoS

Where:
From remote

Short Description:
Avaya has acknowledged a vulnerability in Call Management System (CMS), which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

Avaya CMS/IR Network Port Hijacking Vulnerability
Vendor Patch. Secunia Advisory 6 of 9 in 2005. 7,438 views.

Release Date:
2005-05-16

Secunia Advisory ID:
SA15384

Solution Status:
Vendor Patch

Criticality:

Impact:
Hijacking

Where:
Local system

Short Description:
Avaya has acknowledged some vulnerabilities in Avaya Call Management System (CMS) and Avaya Interactive Response (IR), which can be exploited by malicious, local users to hijack network ports. [Read More]

Avaya CMS dtmail Privilege Escalation Vulnerability
Vendor Workaround. Secunia Advisory 7 of 9 in 2005. 6,603 views.

Release Date:
2005-05-11

Secunia Advisory ID:
SA15303

Solution Status:
Vendor Workaround

Criticality:

Impact:
Privilege escalation

Where:
Local system

Short Description:
Avaya has acknowledged a vulnerability in Avaya Call Management System (CMS), which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Avaya CMS/IR newgrp Privilege Escalation Vulnerability
Vendor Patch. Secunia Advisory 8 of 9 in 2005. 7,038 views.

Release Date:
2005-05-10

Secunia Advisory ID:
SA15313

Solution Status:
Vendor Patch

Criticality:

Impact:
Privilege escalation

Where:
Local system

Avaya CMS UDP End Point Handling Denial of Service
Unpatched. Secunia Advisory 9 of 9 in 2005. 5,996 views.

Release Date:
2005-02-07

Secunia Advisory ID:
SA14153

Solution Status:
Unpatched

Criticality:

Impact:
DoS

Where:
Local system

Short Description:
Avaya has acknowledged a vulnerability in CMS, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]