VoIP Denial of Service and Interception Vulnerability in Alcatel-Lucent OmniPCX Enterprise
CVE-2007-5361

Currently unrated

Key Information:

Vendor

Alcatel-lucent

Status
Omnipcx
Vendor
CVE Published:
20 November 2007

What is CVE-2007-5361?

The Communication Server in Alcatel-Lucent OmniPCX Enterprise prior to version 7.1 potentially exposes users to a VoIP denial of service. An IP address is cached during a TFTP request initiated by an IP Touch phone, leading to this address being used for all subsequent VoIP communications. Attackers can exploit this behavior with a specially crafted TFTP request that includes the phone's MAC address. This can result in loss of audio, allowing attackers to disrupt or intercept voice communications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/3387
third-party-advisoryx_refsource_SREASON
http://secunia.com/advisories/27710
third-party-advisoryx_refsource_SECUNIA
http://www.csnc.ch/static/advisory/csnc/alcatel_omnipcx_e...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.