Denial of Service Vulnerability in Cisco IP Phones and Related Products
CVE-2005-4794

Currently unrated

Key Information:

Vendor: Cisco
Status: Application And Content Networking Software; Ip Phone 7912; Ata; Subscriber Edge Services Manager
Vendor: CVE Published:; 31 December 2005

Summary

A vulnerability exists in various Cisco products, including specific models of IP phones and ATA devices, wherein remote attackers can exploit a weakness in the handling of compressed DNS packets. An attacker can send a specially crafted DNS packet with an incorrect label length offset, resulting in potential instability or a crash of the affected devices. This could disrupt normal service operations and impact users relying on these communications systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/20712

vdb-entryx_refsource_XF

http://securitytracker.com/id?1014044

vdb-entryx_refsource_SECTRACK

http://securitytracker.com/id?1014043

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability Reserved
May 2, 2006
Vulnerability published
Dec 31, 2005