Denial of Service in Cisco IP Phones 7910, 7940, and 7960
CVE-2002-0882

Currently unrated

Key Information:

Vendor: Cisco
Status: Skinny Client Control Protocol Software; Voip Phone Cp-7940
Vendor: CVE Published:; 4 October 2002

Summary

The web server of certain Cisco IP Phones, specifically models 7910, 7940, and 7960, is susceptible to a denial of service attack. Attackers can exploit this vulnerability by sending a large integer value in the stream ID of the StreamingStatistics script or in the port ID of the PortInformation script. This could lead to a system reset and potentially expose sensitive memory information, making it crucial for users of these devices to apply necessary security measures.

References

http://online.securityfocus.com/archive/1/273673

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/4794

vdb-entryx_refsource_BID

http://www.cisco.com/warp/public/707/multiple-ip-phone-vu...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 16, 2002