Vulnerabilities > CVE-2005-0506 - Remote Security vulnerability in Avaya IP Office Phone Manager and IP Soft Phone
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | Avaya IP Office Phone Manager Local Password Disclosure Exploit. CVE-2005-0506. Local exploit for windows platform |
id | EDB-ID:839 |
last seen | 2016-01-31 |
modified | 2005-02-24 |
published | 2005-02-24 |
reporter | Adrian "pagvac" Pastor |
source | https://www.exploit-db.com/download/839/ |
title | Avaya IP Office Phone Manager Local Password Disclosure Exploit |