Voice of VOIPSA

Quarterly VoIP Vulnerabilities Summary

April 14th, 2008 by shawnmer

While most VoIP-related vulnerabilities are posted to the VOIPSA mailing list or blog, I thought it might be useful to have a informal quarterly summary of sorts among VoIP devices per searches from NIST. I hope folks find it helpful, and of course post comments if I’ve overlooked anything from 1 January 2008 through 31 March 2008.

VoIP Firewalls

CVE-2008-0263 Ingate Firewall & SIParator 1/15/2008

Cisco Phones

CVE-2008-0531 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-0530 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-0529 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-0528 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-0527 Cisco Unified IP Phone 7935 and 7936 2/14/2008
CVE-2008-0526 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-1113 Cisco Unified Wireless IP Phone 7921 3/3/2008

Snom Phones

CVE-2008-1251 Snom 320 SIP Phone 3/10/2008
CVE-2008-1250 Snom 320 SIP Phone 3/10/2008
CVE-2008-1249 Snom 320 SIP Phone 3/10/2008
CVE-2008-1248 Snom 320 SIP Phone 3/10/2008

Vocera Phones

CVE-2008-1114 Vocera Communications wireless handsets 3/3/2008

Routers & Gateways

CVE-2008-1334 BT Home Hub router 3/13/2008

Asterisk PBX

CVE-2008-1289 Asterisk Open Source 3/24/2008
CVE-2008-1390 Asterisk Open Source 3/24/2008
CVE-2008-1332 Asterisk Open Source 3/19/2008
CVE-2008-1333 Asterisk Open Source 3/19/2008

Cisco Call Manager

CVE-2008-0026 Cisco Unified CallManager/Communications Manager 2/14/2008
CVE-2008-0027 Cisco Unified Communications Manager 1/16/2008

UPDATE 4/15/08

Milw0rm 5113 Philips VOIP841 PC-Free DECT 6.0 Wireless IP Phone 2-14-2008

This entry was posted on Monday, April 14th, 2008 at 9:04 pm and is filed under VoIP Security, VoIP Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

3 Responses to “Quarterly VoIP Vulnerabilities Summary”

IT Security » Blog Archive » Laundry List of VoIP Vulnerabilities Says:
April 15th, 2008 at 4:56 pm
[...] to call managers, to phones. Cisco, Asterisk, Snom, Vocera are listed — take a look at the full list here. [...]
Sicurezza, VoIP ed Asterisk -- Daily Asterisk Says:
April 23rd, 2008 at 9:44 am
[...] apparentemente 44) di vari sistemi VoIP, in particolare Cisco, Avaya e Nortel; VOIPSA ha pubblicato un articolo in cui si raccolgono le vulnerabilita’ dei primi mesi [...]
usken.no - VoIP news! » Blog Archive » The quarterly VoIP vulnerability list. Says:
July 22nd, 2008 at 6:49 pm
[...] VoIPSA blog released a quarterly overview of VoIP vulnerabilites for Q1 2008. Yes, it is a little old at the moment, but [...]

Quarterly VoIP Vulnerabilities Summary

3 Responses to “Quarterly VoIP Vulnerabilities Summary”

Leave a Reply

Subscribe

Categories

Contributors

Archives

Blogroll

VOIPSA Member Blogs

Recent Posts