Secunia Logo  
 Vulnerability InformationVulnerability ScanningCommunityBlogCorporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Information > Secunia Advisories > Advisories by Product > Avaya Call Management System (CMS)
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About


Secunia PSI WorldMap 		 
Vulnerability Report: Avaya Call Management System (CMS)
This vulnerability report for Avaya Call Management System (CMS) contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Avaya Call Management System (CMS) then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2009
2.2. Statistics for 2008
2.3. Statistics for 2007
2.4. Statistics for 2006
2.5. Statistics for 2005
2.6. Statistics for 2004
2.7. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2009
3.2. List for 2008
3.3. List for 2007
3.4. List for 2006
3.5. List for 2005
3.6. List for 2004
3.7. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor Avaya

Product Link View Here (Link to external site)

Affected By 99 Secunia advisories
141 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 63% (62 of 99 Secunia advisories)

Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Avaya Call Management System (CMS), with all vendor patches applied, is rated Highly critical .




33 Secunia Advisories in 2009
Secunia has issued a total of 33 Secunia advisories in 2009 for Avaya Call Management System (CMS). Currently, 88% (29 out of 33) are marked as unpatched with the most severe being rated Moderately critical

More information about the specific Secunia advisories affecting Avaya Call Management System (CMS) can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.



Avaya CMS / IR Solaris SCTP Packet Denial of Service
Unpatched. Secunia Advisory 1 of 33 in 2009. 2,870 views.
Release Date:
2009-08-14		 Secunia Advisory ID:
SA36318		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris rpc.nisd NIS+ Server Denial of Service
Partial Fix. Secunia Advisory 2 of 33 in 2009. 857 views.
Release Date:
2009-08-14		 Secunia Advisory ID:
SA36315		 Solution Status:
Partial Fix
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris IP Multicast Reception Denial of Service
Unpatched. Secunia Advisory 3 of 33 in 2009. 2,795 views.
Release Date:
2009-08-14		 Secunia Advisory ID:
SA36272		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris Event Port API Race Condition Vulnerabilities
Unpatched. Secunia Advisory 4 of 33 in 2009. 587 views.
Release Date:
2009-06-30		 Secunia Advisory ID:
SA35637		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged two vulnerabilities in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris Ultra-SPARC T2 Crypto Provider Device Driver Vulnerability
Unpatched. Secunia Advisory 5 of 33 in 2009. 577 views.
Release Date:
2009-06-30		 Secunia Advisory ID:
SA35636		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users and potentially malicious people to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris Kerberos Unauthorised Access Vulnerability
Unpatched. Secunia Advisory 6 of 33 in 2009. 573 views.
Release Date:
2009-06-10		 Secunia Advisory ID:
SA35414		 Solution Status:
Unpatched
Criticality:
 Impact:
Security Bypass
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to bypass certain security restrictions. [Read More]

Avaya CMS Solaris libpng Multiple Vulnerabilities
Unpatched. Secunia Advisory 7 of 33 in 2009. 735 views.
Release Date:
2009-06-10		 Secunia Advisory ID:
SA35386		 Solution Status:
Unpatched
Criticality:
 Impact:
Exposure of sensitive information
DoS
System access
 Where:
From remote
Short Description:
Avaya has acknowledged some vulnerabilities in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the libpng library. [Read More]

Avaya CMS Solaris "sadmind" Two Vulnerabilities
Unpatched. Secunia Advisory 8 of 33 in 2009. 681 views.
Release Date:
2009-05-28		 Secunia Advisory ID:
SA35191		 Solution Status:
Unpatched
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
Avaya has acknowledged two vulnerabilities in Avaya CMS, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Avaya CMS Solaris SASL Library Buffer Overflow Vulnerability
Unpatched. Secunia Advisory 9 of 33 in 2009. 854 views.
Release Date:
2009-05-25		 Secunia Advisory ID:
SA35206		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
System access
 Where:
From remote
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the affected library. [Read More]

Avaya CMS Solaris "fstat()" System Call Denial of Service
Unpatched. Secunia Advisory 10 of 33 in 2009. 629 views.
Release Date:
2009-05-21		 Secunia Advisory ID:
SA35119		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris OpenSSL "ASN1_STRING_print_ex()" Denial of Service
Unpatched. Secunia Advisory 11 of 33 in 2009. 781 views.
Release Date:
2009-05-20		 Secunia Advisory ID:
SA35181		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris DTrace ioctl Handlers Denial of Service
Vendor Workaround. Secunia Advisory 12 of 33 in 2009. 661 views.
Release Date:
2009-05-20		 Secunia Advisory ID:
SA35098		 Solution Status:
Vendor Workaround
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris / SEAM Kerberos Multiple Vulnerabilities
Unpatched. Secunia Advisory 13 of 33 in 2009. 567 views.
Release Date:
2009-04-21		 Secunia Advisory ID:
SA34814		 Solution Status:
Unpatched
Criticality:
 Impact:
Exposure of sensitive information
DoS
System access
 Where:
From remote
Short Description:
Avaya has acknowledged some vulnerabilities in Avaya CMS, which can potentially be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system. [Read More]

Avaya CMS Solaris dircmp Shell Script File Overwriting Vulnerability
Unpatched. Secunia Advisory 14 of 33 in 2009. 592 views.
Release Date:
2009-04-21		 Secunia Advisory ID:
SA34813		 Solution Status:
Unpatched
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to perform certain actions with escalated privileges. [Read More]

Avaya CMS Solaris Kerberos Denial of Service Vulnerability
Unpatched. Secunia Advisory 15 of 33 in 2009. 651 views.
Release Date:
2009-03-30		 Secunia Advisory ID:
SA34487		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris UFS File System Denial of Service
Unpatched. Secunia Advisory 16 of 33 in 2009. 634 views.
Release Date:
2009-03-30		 Secunia Advisory ID:
SA34504		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged some vulnerabilities in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris "keysock" Kernel Module Denial of Service
Vendor Patch. Secunia Advisory 17 of 33 in 2009. 515 views.
Release Date:
2009-03-24		 Secunia Advisory ID:
SA34456		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris Crypto Pseudo Device Driver Denial of Service
Vendor Patch. Secunia Advisory 18 of 33 in 2009. 555 views.
Release Date:
2009-03-24		 Secunia Advisory ID:
SA34455		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris NFS Multiple Security Mode Security Issue
Unpatched. Secunia Advisory 19 of 33 in 2009. 735 views.
Release Date:
2009-03-24		 Secunia Advisory ID:
SA34435		 Solution Status:
Unpatched
Criticality:
 Impact:
Security Bypass
 Where:
From local network
Short Description:
Avaya has acknowledged a security issue in Avaya CMS, which can be exploited by malicious users to bypass certain security restrictions. [Read More]

Avaya CMS Solaris NFS Security Modes Security Bypass
Unpatched. Secunia Advisory 20 of 33 in 2009. 764 views.
Release Date:
2009-03-23		 Secunia Advisory ID:
SA34429		 Solution Status:
Unpatched
Criticality:
 Impact:
Security Bypass
 Where:
From local network
Short Description:
Avaya has acknowledged a security issue in Avaya CMS, which can be exploited by malicious people to bypass certain security restrictions. [Read More]

Avaya CMS Solaris Doors Kernel Vulnerabilities
Unpatched. Secunia Advisory 21 of 33 in 2009. 793 views.
Release Date:
2009-03-19		 Secunia Advisory ID:
SA34375		 Solution Status:
Unpatched
Criticality:
 Impact:
Security Bypass
Privilege escalation
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged some vulnerabilities in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service), bypass certain security restrictions, and potentially gain escalated privileges. [Read More]

Avaya CMS Solaris NFSv4 Server Kernel Module Denial of Service
Unpatched. Secunia Advisory 22 of 33 in 2009. 649 views.
Release Date:
2009-03-19		 Secunia Advisory ID:
SA34371		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS / IR Solaris libxml2 Integer Overflow Vulnerabilities
Unpatched. Secunia Advisory 23 of 33 in 2009. 874 views.
Release Date:
2009-03-11		 Secunia Advisory ID:
SA34247		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
System access
 Where:
From remote
Short Description:
Avaya has acknowledged some vulnerabilities in Avaya CMS / IR, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise an application using the libxml2 library. [Read More]

Avaya CMS Solaris Kerberos PAM Module Privilege Escalation
Unpatched. Secunia Advisory 24 of 33 in 2009. 801 views.
Release Date:
2009-03-11		 Secunia Advisory ID:
SA34260		 Solution Status:
Unpatched
Criticality:
 Impact:
Privilege escalation
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to gain escalated privileges. [Read More]

Avaya CMS Solaris "autofs" Kernel Module Vulnerability
Unpatched. Secunia Advisory 25 of 33 in 2009. 1,164 views.
Release Date:
2009-02-09		 Secunia Advisory ID:
SA33905		 Solution Status:
Unpatched
Criticality:
 Impact:
Privilege escalation
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially to gain escalated privileges. [Read More]

Avaya CMS Solaris IP Minor Numbers Denial of Service Vulnerability
Unpatched. Secunia Advisory 26 of 33 in 2009. 1,194 views.
Release Date:
2009-02-09		 Secunia Advisory ID:
SA33904		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris IP-in-IP Processing Denial of Service Vulnerability
Unpatched. Secunia Advisory 27 of 33 in 2009. 1,149 views.
Release Date:
2009-02-09		 Secunia Advisory ID:
SA33903		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS BIND "EVP_VerifyFinal()" and "DSA_do_verify()" Spoofing Vulnerability
Unpatched. Secunia Advisory 28 of 33 in 2009. 1,598 views.
Release Date:
2009-02-09		 Secunia Advisory ID:
SA33882		 Solution Status:
Unpatched
Criticality:
 Impact:
Spoofing
 Where:
From remote
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to conduct spoofing attacks. [Read More]

Avaya CMS Solaris "libxml2" XML Processing Vulnerability
Unpatched. Secunia Advisory 29 of 33 in 2009. 1,436 views.
Release Date:
2009-01-29		 Secunia Advisory ID:
SA33715		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
System access
 Where:
From remote
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. [Read More]

Avaya CMS Solaris Pseudo-Terminal Driver Denial of Service
Unpatched. Secunia Advisory 30 of 33 in 2009. 1,228 views.
Release Date:
2009-01-29		 Secunia Advisory ID:
SA33708		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris "libike" Library Denial of Service
Unpatched. Secunia Advisory 31 of 33 in 2009. 1,061 views.
Release Date:
2009-01-29		 Secunia Advisory ID:
SA33702		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris "lpadmin" and "ppdmgr" Denial of Service Vulnerabilities
Unpatched. Secunia Advisory 32 of 33 in 2009. 1,220 views.
Release Date:
2009-01-29		 Secunia Advisory ID:
SA33705		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
Avaya has acknowledged some vulnerabilities in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]

Avaya CMS Solaris "rpc.metad" Denial of Service Vulnerability
Unpatched. Secunia Advisory 33 of 33 in 2009. 1,158 views.
Release Date:
2009-01-22		 Secunia Advisory ID:
SA33628		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]






Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs (open positions) | About Secunia
Copyright Secunia 2002-2009