Intrusion Prevention
Cisco.VoIP.Phone.Vuln
Description
This indicates an attempt to exploit denial of service and information disclosure vulnerabilities in the Cisco VoIP Phone system.
There are several vulnerabilities in Cisco IP Phone models 7910, 7940, and 7960 that may allow an attacker to cause the IP phone system to reboot, disrupting service for a short period, or to read memory information. These are caused by an input validation failure in the "StreamStatistics" and "PortInformation" scripts. An attacker can send a specially crafted URL request to the "StreamStatistics" script with an invalid ID of more than 32768, causing a denial of service. A request to the "PortInformation" script with invalid IDs of more than 32768 makes it possible to read the contents of memory locations.
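The check described above can be run over HTTP logs from a proxy or sensor in front of the phones. This is an added example, not the signature's own logic; the log layout, the sample lines, the names `check_line` and `ID_LIMIT`, and the assumption that the ID travels as a number in the query string are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

ID_LIMIT = 32768  # the page states that IDs of more than 32768 are invalid
IMPACT = {  # script name (lower-cased) -> impact given in the description
    "streamstatistics": "denial of service",
    "portinformation": "information disclosure",
}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def check_line(line):
    """Return a finding dict for a suspicious request line, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    target = urlsplit(m.group(1))
    # Decode percent-encoding before matching so encoded names/digits are seen.
    script = unquote(target.path).rstrip("/").rsplit("/", 1)[-1].lower()
    if script not in IMPACT:
        return None
    # Assumption: the ID is a decimal number somewhere in the query string.
    ids = [int(n) for n in re.findall(r"\d+", unquote(target.query))]
    bad = [n for n in ids if n > ID_LIMIT]
    if not bad:
        return None
    return {"src": line.split()[0], "script": script,
            "id": max(bad), "impact": IMPACT[script]}

# Constructed sample log lines (common log format, documentation addresses).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /StreamStatistics?1 HTTP/1.0" 200 512',
    '192.0.2.77 - - [01/Jan/2024:10:00:05 +0000] "GET /StreamStatistics?40000 HTTP/1.0" 200 0',
    '192.0.2.77 - - [01/Jan/2024:10:00:09 +0000] "GET /PortInformation?%34%30000 HTTP/1.0" 200 900',
    '192.0.2.10 - - [01/Jan/2024:10:00:12 +0000] "GET /PortInformation?32768 HTTP/1.0" 200 300',
    '192.0.2.10 - - [01/Jan/2024:10:00:15 +0000] "GET /index.html?99999 HTTP/1.0" 404 0',
]

def scan(lines):
    """Collect findings for every line that trips the check."""
    return [f for f in map(check_line, lines) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```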
Affected Products
Cisco IP Phone (VoIP) models 7910, 7940, and 7960, versions 3.0 through 3.2.
Impact
Denial of Service.
Information disclosure.
Recommended Actions
Apply the patch according to the Cisco advisory: http://www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml