VAR-200901-0453
Vulnerability from variot - Updated: 2023-12-18 13:30Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers. Cisco Unified IP Phone 7960G and 7940G are prone to a denial-of-service vulnerability An attacker can exploit this issue to cause the affected phones to reboot, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. Cisco Unified IP Phone is a set of unified IP phone solutions of Cisco (Cisco). Once the call is established, the media content is carried by the RTP protocol. Cisco released a patched firmware on October 21, 2008 which is described in the bug identifier CSCsu22285 (Cisco Unified IP Phone 7960G and 7940G (SIP) Release Notes for Firmware Release 8.10).
Credits:
- This vulnerability was discovered by Gabriel Campana and Laurent Butti from France Telecom / Orange
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200901-0453",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unified ip phone 7960g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified ip phone 7940g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified ip phone 7960g",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "unified ip phone 7940g",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7940g"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7960g"
}
],
"sources": [
{
"db": "BID",
"id": "33264"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001688"
},
{
"db": "NVD",
"id": "CVE-2008-4444"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:unified_ip_phone_7940g:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:unified_ip_phone_7960g:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-4444"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Laurent Butti laurent.butti@orange-ftgroup.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
],
"trust": 0.6
},
"cve": "CVE-2008-4444",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-4444",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-34569",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-4444",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200901-201",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-34569",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34569"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001688"
},
{
"db": "NVD",
"id": "CVE-2008-4444"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers. Cisco Unified IP Phone 7960G and 7940G are prone to a denial-of-service vulnerability\nAn attacker can exploit this issue to cause the affected phones to reboot, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. Cisco Unified IP Phone is a set of unified IP phone solutions of Cisco (Cisco). Once the call is\nestablished, the media content is carried by the RTP protocol. Cisco released a patched firmware on October 21, 2008 which is\ndescribed in the bug identifier CSCsu22285 (Cisco Unified IP Phone 7960G\nand 7940G (SIP) Release Notes for Firmware Release 8.10). \n\nCredits:\n--------\n* This vulnerability was discovered by Gabriel Campana and Laurent Butti\nfrom France Telecom / Orange\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-4444"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001688"
},
{
"db": "BID",
"id": "33264"
},
{
"db": "VULHUB",
"id": "VHN-34569"
},
{
"db": "PACKETSTORM",
"id": "73908"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-34569",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34569"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-4444",
"trust": 2.9
},
{
"db": "BID",
"id": "33264",
"trust": 2.0
},
{
"db": "SREASON",
"id": "4917",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001688",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200901-201",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20090114 CISCO UNIFIED IP PHONE 7960G AND 7940G (SIP) RTP HEADER VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "47948",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "73908",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-34569",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34569"
},
{
"db": "BID",
"id": "33264"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001688"
},
{
"db": "PACKETSTORM",
"id": "73908"
},
{
"db": "NVD",
"id": "CVE-2008-4444"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
]
},
"id": "VAR-200901-0453",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-34569"
}
],
"trust": 0.6625
},
"last_update_date": "2023-12-18T13:30:22.555000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001688"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34569"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001688"
},
{
"db": "NVD",
"id": "CVE-2008-4444"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/33264"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/docs/voice_ip_comm/cuipph/7960g_7940g/firmware/sip/8_10/english/release/notes/796040sip_810.html"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/4917"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/500059/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47948"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4444"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4444"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/47948"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/500059/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/hw/phones/ps379/index.html"
},
{
"trust": 0.3,
"url": "/archive/1/500059"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4444"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34569"
},
{
"db": "BID",
"id": "33264"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001688"
},
{
"db": "PACKETSTORM",
"id": "73908"
},
{
"db": "NVD",
"id": "CVE-2008-4444"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-34569"
},
{
"db": "BID",
"id": "33264"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001688"
},
{
"db": "PACKETSTORM",
"id": "73908"
},
{
"db": "NVD",
"id": "CVE-2008-4444"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-01-16T00:00:00",
"db": "VULHUB",
"id": "VHN-34569"
},
{
"date": "2009-01-14T00:00:00",
"db": "BID",
"id": "33264"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001688"
},
{
"date": "2009-01-15T01:10:36",
"db": "PACKETSTORM",
"id": "73908"
},
{
"date": "2009-01-16T21:30:03.313000",
"db": "NVD",
"id": "CVE-2008-4444"
},
{
"date": "2009-01-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-34569"
},
{
"date": "2009-01-14T18:12:00",
"db": "BID",
"id": "33264"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001688"
},
{
"date": "2018-10-11T20:51:51.790000",
"db": "NVD",
"id": "CVE-2008-4444"
},
{
"date": "2009-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified IP Phone Service disruption in (DoS) Or arbitrary code execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001688"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-201"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…