Quarterly VoIP Vulnerabilities Summary

While most VoIP-related vulnerabilities are posted to the VOIPSA mailing list or blog, I thought it might be useful to have a informal quarterly summary of sorts among VoIP devices per searches from NIST. I hope folks find it helpful, and of course post comments if I’ve overlooked anything from 1 January 2008 through 31 March 2008.

VoIP Firewalls

CVE-2008-0263 Ingate Firewall & SIParator 1/15/2008

Cisco Phones

CVE-2008-0531 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-0530 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-0529 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-0528 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-0527 Cisco Unified IP Phone 7935 and 7936 2/14/2008
CVE-2008-0526 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
CVE-2008-1113 Cisco Unified Wireless IP Phone 7921 3/3/2008

Snom Phones

CVE-2008-1251 Snom 320 SIP Phone 3/10/2008
CVE-2008-1250 Snom 320 SIP Phone 3/10/2008
CVE-2008-1249 Snom 320 SIP Phone 3/10/2008
CVE-2008-1248 Snom 320 SIP Phone 3/10/2008

Vocera Phones

CVE-2008-1114 Vocera Communications wireless handsets 3/3/2008

Routers & Gateways

CVE-2008-1334 BT Home Hub router 3/13/2008

Asterisk PBX

CVE-2008-1289 Asterisk Open Source 3/24/2008
CVE-2008-1390 Asterisk Open Source 3/24/2008
CVE-2008-1332 Asterisk Open Source 3/19/2008
CVE-2008-1333 Asterisk Open Source 3/19/2008

Cisco Call Manager

CVE-2008-0026 Cisco Unified CallManager/Communications Manager 2/14/2008
CVE-2008-0027 Cisco Unified Communications Manager 1/16/2008

UPDATE 4/15/08

Milw0rm 5113 Philips VOIP841 PC-Free DECT 6.0 Wireless IP Phone 2-14-2008

Voice of VOIPSA

Collective thoughts and musings on the state of VoIP security today.

Quarterly VoIP Vulnerabilities Summary

3 thoughts on “Quarterly VoIP Vulnerabilities Summary”

Share this:

3 thoughts on “Quarterly VoIP Vulnerabilities Summary”