Quarterly VoIP Vulnerabilities
April 15, 2008 – 10:44 AMWhile most VoIP-related vulnerabilities are posted to the VOIPSA mailing list or blog, I thought it might be useful to have a informal quarterly summary of sorts among VoIP devices per searches from NIST. I hope folks find it helpful, and of course post comments if I’ve overlooked anything from 1 January 2008 through 31 March 2008.
VoIP Firewalls
- CVE-2008-0263 Ingate Firewall & SIParator 1/15/2008
Cisco Phones
- CVE-2008-0531 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
- CVE-2008-0530 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
- CVE-2008-0529 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
- CVE-2008-0528 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
- CVE-2008-0527 Cisco Unified IP Phone 7935 and 7936 2/14/2008
- CVE-2008-0526 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
- CVE-2008-1113 Cisco Unified Wireless IP Phone 7921 3/3/2008
Snom Phones
- CVE-2008-1251 Snom 320 SIP Phone 3/10/2008
- CVE-2008-1250 Snom 320 SIP Phone 3/10/2008
- CVE-2008-1249 Snom 320 SIP Phone 3/10/2008
- CVE-2008-1248 Snom 320 SIP Phone 3/10/2008
Vocera Phones
- CVE-2008-1114 Vocera Communications wireless handsets 3/3/2008
Routers & Gateways
- CVE-2008-1334 BT Home Hub router 3/13/2008
Asterisk PBX
- CVE-2008-1289 Asterisk Open Source 3/24/2008
- CVE-2008-1390 Asterisk Open Source 3/24/2008
- CVE-2008-1332 Asterisk Open Source 3/19/2008
- CVE-2008-1333 Asterisk Open Source 3/19/2008
Cisco Call Manager
- CVE-2008-0026 Cisco Unified CallManager/Communications Manager 2/14/2008
- CVE-2008-0027 Cisco Unified Communications Manager 1/16/2008
UPDATE 4/15/08
Source: VOIPSA
You must be logged in to post a comment.