Remote Code Manipulation in Avaya Argent Office by Spoofing
CVE-2001-1261

Currently unrated

Key Information:

Vendor: Avaya
Status: Argent Office
Vendor: CVE Published:; 7 August 2001

Summary

Avaya Argent Office 2.1 is susceptible to a vulnerability where remote attackers can manipulate the hold music by spoofing responses from a legitimate server. By leveraging TFTP broadcasts, attackers can redirect the request to provide malicious HoldMusic files, effectively altering the audio that callers hear while on hold.

References

http://online.securityfocus.com/archive/1/202344

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/6956.php

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
May 1, 2002
Vulnerability published
Aug 7, 2001