Vulnerabilities > Alcatel Lucent > Omnipcx > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-20 | CVE-2007-5361 | Information Disclosure And Denial Of Service vulnerability in OmniPCX Enterprise Audio Rerouting The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename. | 8.5 |
2007-06-07 | CVE-2007-2512 | Unspecified vulnerability in Alcatel-Lucent Omnipcx 7.0 Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems. | 7.5 |