Vulnerabilities > CVE-2002-0882 - Unspecified vulnerability in Cisco products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

cisco

nessus

NVD

Published: 2002-10-04

Updated: 2024-11-20

Summary

The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco Skinny Client Control Protocol Software 3.1 Cisco Skinny Client Control Protocol Software 3.0 Cisco Skinny Client Control Protocol Software 3.2	3
Hardware	Cisco Cisco Voip Phone CP 7940 3.0 Cisco Voip Phone CP 7940 3.1 Cisco Voip Phone CP 7940 3.2	3

Nessus

NASL family	CISCO
NASL id	CISCO_VOIP_DOS.NASL
description	The remote host appears to be a Cisco IP phone. It was possible to reboot this device by requesting : http://<phone-ip>/StreamingStatistics?120000 This device likely has other vulnerabilities that Nessus has not checked for.
last seen	2020-06-01
modified	2020-06-02
plugin id	11013
published	2002-06-05
reporter	This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/11013
title	Cisco VoIP Phone Multiple Script Malformed Request DoS

Summary

Vulnerable Configurations

Nessus

References