Remote Denial of Service in Cisco IP Phone 7940 and 7960 Firmware
CVE-2007-4459

Currently unrated

Key Information:

Vendor

Cisco
Status
Voip Phone Cp-7940
Voip Phone Cp-7960
Vendor
CVE Published:
21 August 2007

What is CVE-2007-4459?

The vulnerability in Cisco IP Phone 7940 and 7960 allows remote attackers to execute a denial of service attack, specifically causing a device reboot. This can be achieved through a specific manipulation of SIP (Session Initiation Protocol) messages. By sending a sequence of ten invalid SIP INVITE and OPTIONS messages, or an invalid SIP INVITE message containing a remote tag followed by two particular SIP OPTIONS messages, an attacker can disrupt the normal operation of these devices. This poses significant implications for businesses relying on these communication tools.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/25378
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/36125
vdb-entryx_refsource_XF
http://www.cisco.com/warp/public/707/cisco-sr-20070821-si...
vendor-advisoryx_refsource_CISCO

EPSS Score

71% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.