Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-21 | CVE-2005-3723 | Denial-Of-Service vulnerability in Hitachi Ip5000 Voip Wifi Phone 1.5.6 Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to disable access to (1) SNMP or (2) TCP port 3390, which allows remote attackers to modify configuration using CVE-2005-3722, or access the Unidata Shell to obtain sensitive information or cause a denial of service. | 7.5 |
| 2005-11-21 | CVE-2005-3722 | Remote Security vulnerability in Ip5000 Voip Wifi Phone The SNMP v1/v2c daemon in Hitachi IP5000 VOIP WIFI Phone 1.5.6 allows remote attackers to gain read or write access to system configuration using arbitrary SNMP credentials. | 7.5 |
| 2005-11-21 | CVE-2005-3721 | Remote Security vulnerability in Ip5000 Voip Wifi Phone The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not require authentication for sensitive configuration pages, which allows remote attackers to modify configuration. | 5.0 |
| 2005-11-21 | CVE-2005-3720 | Information Disclosure vulnerability in Hitachi Ip5000 Voip Wifi Phone 1.5.6 The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 lists sensitive information such as software versions. | 5.0 |
| 2005-11-21 | CVE-2005-3719 | Information Disclosure vulnerability in Hitachi Ip5000 Voip Wifi Phone 1.5.6 Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of "0000", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration. | 4.6 |
| 2005-11-21 | CVE-2005-3718 | Remote Access vulnerability in Utstarcom F1000 Voip Wifi Phone 2.0 UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 does not allow users to disable access to (1) SNMP or (2) the rlogin port TCP 513, which allows remote attackers to exploit other vulnerabilities such as CVE-2005-3716, or execute arbitrary shell commands via rlogin, which does not require authentication. | 7.5 |
| 2005-11-21 | CVE-2005-3717 | Remote Access vulnerability in Utstarcom F1000 Voip Wifi Phone 2.0 The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has a default username "target" and password "password", which allows remote attackers to gain full access to the system. | 7.5 |
| 2005-11-21 | CVE-2005-3716 | Use of Hard-coded Credentials vulnerability in Utstarcom F1000 Wi-Fi Firmware 2.0 The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information. | 7.5 |
| 2005-11-21 | CVE-2005-3715 | Remote Debugger Access vulnerability in Senao Si-680H Wireless Voip Phone 1.7.0Firmware0.03.0839 Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service. | 7.5 |
| 2005-11-21 | CVE-2005-3699 | Unspecified vulnerability in Opera Browser Opera Web Browser 8.50 and 8.0 through 8.0.2 allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. | 5.0 |