ID

VAR-200701-0286


CVE

CVE-2007-0528


TITLE

Vulnerability in the admin web console implemented by the Centrality Communications PA168 chipset that allows important information (passwords and configuration data) to be obtained

Trust: 0.8

sources: JVNDB: JVNDB-2007-001453

DESCRIPTION

The admin web console implemented by the Centrality Communications (aka Aredfox) PA168 chipset and firmware 1.54 and earlier, as provided by various IP phones, does not require passwords or authentication tokens when using HTTP, which allows remote attackers to connect to existing superuser sessions and obtain sensitive information (passwords and configuration data). The PA168 chipset is prone to an information disclosure vulnerability.

----------------------------------------------------------------------

TITLE: SOYO G668 Ethernet IP Phone Session Management Vulnerability
SECUNIA ADVISORY ID: SA23936
VERIFY ADVISORY: http://secunia.com/advisories/23936/
CRITICAL: Less critical
IMPACT: Security Bypass
WHERE: From remote
OPERATING SYSTEM: SOYO G668 IP Phone 1.x http://secunia.com/product/13354/
DESCRIPTION: Adrian Pastor has reported a vulnerability in SOYO G668 Ethernet IP Phone, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the session management. If a superuser logs into the web management console, the web service accepts any request as long as the superuser's session is valid. This can be exploited to bypass the authentication process and e.g. allows the modification of certain settings. The vulnerability is reported in firmware version 1.42. Other versions may also be affected.
SOLUTION: Only log into the web management console from trusted network environments. Use a firewall to restrict access to the phone.
PROVIDED AND/OR DISCOVERED BY: Adrian Pastor
ORIGINAL ADVISORY: http://milw0rm.com/exploits/3189

Trust: 2.16

sources: NVD: CVE-2007-0528 // JVNDB: JVNDB-2007-001453 // BID: 86736 // VULHUB: VHN-23890 // PACKETSTORM: 53953 // PACKETSTORM: 53954

AFFECTED PRODUCTS

vendor: centrality, model: pa168 chipset, scope: lte, version: firmware_1.54

Trust: 1.0

vendor: centrality, model: pa168 chipset, scope: lte, version: firmware 1.54

Trust: 0.8

vendor: centrality, model: pa168 chipset, scope: eq, version: firmware_1.54

Trust: 0.6

vendor: centrality, model: communications pa168 chipset, scope: eq, version: 1.54

Trust: 0.3

sources: BID: 86736 // JVNDB: JVNDB-2007-001453 // CNNVD: CNNVD-200701-446 // NVD: CVE-2007-0528

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-0528
value: HIGH

Trust: 1.0

NVD: CVE-2007-0528
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200701-446
value: CRITICAL

Trust: 0.6

VULHUB: VHN-23890
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-0528
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-23890
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-23890 // JVNDB: JVNDB-2007-001453 // CNNVD: CNNVD-200701-446 // NVD: CVE-2007-0528

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-0528

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200701-446

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200701-446

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-001453

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-23890

EXTERNAL IDS

db: NVD, id: CVE-2007-0528

Trust: 2.8

db: EXPLOIT-DB, id: 3189

Trust: 2.2

db: SECUNIA, id: 23936

Trust: 1.9

db: SECUNIA, id: 23919

Trust: 1.9

db: OSVDB, id: 32966

Trust: 1.7

db: VUPEN, id: ADV-2007-0346

Trust: 1.7

db: JVNDB, id: JVNDB-2007-001453

Trust: 0.8

db: CNNVD, id: CNNVD-200701-446

Trust: 0.7

db: BUGTRAQ, id: 20070123 PR06-14: IP PHONES BASED ON CENTRALITY COMMUNICATIONS/AREDFOX PA168 CHIPSET WEAK SESSION MANAGEMENT VULNERABILITY

Trust: 0.6

db: MILW0RM, id: 3189

Trust: 0.6

db: BID, id: 86736

Trust: 0.4

db: VULHUB, id: VHN-23890

Trust: 0.1

db: PACKETSTORM, id: 53953

Trust: 0.1

db: PACKETSTORM, id: 53954

Trust: 0.1

sources: VULHUB: VHN-23890 // BID: 86736 // JVNDB: JVNDB-2007-001453 // PACKETSTORM: 53953 // PACKETSTORM: 53954 // CNNVD: CNNVD-200701-446 // NVD: CVE-2007-0528

REFERENCES

url:http://www.procheckup.com/vulner_pr0614.php

Trust: 2.0

url:http://osvdb.org/32966

Trust: 1.7

url:http://secunia.com/advisories/23919

Trust: 1.7

url:http://secunia.com/advisories/23936

Trust: 1.7

url:http://www.securityfocus.com/archive/1/457868/100/0/threaded

Trust: 1.1

url:https://www.exploit-db.com/exploits/3189

Trust: 1.1

url:http://www.vupen.com/english/advisories/2007/0346

Trust: 1.1

url:http://milw0rm.com/exploits/3189

Trust: 1.1

url:http://www.securityfocus.com/archive/1/archive/1/457868/100/0/threaded

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0528

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0528

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2007/0346

Trust: 0.6

url:http://secunia.com/secunia_security_advisories/

Trust: 0.2

url:http://secunia.com/software_inspector/

Trust: 0.2

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.2

url:http://secunia.com/about_secunia_advisories/

Trust: 0.2

url:http://secunia.com/product/13354/

Trust: 0.1

url:http://secunia.com/advisories/23936/

Trust: 0.1

url:http://secunia.com/product/13353/

Trust: 0.1

url:http://secunia.com/advisories/23919/

Trust: 0.1

sources: VULHUB: VHN-23890 // BID: 86736 // JVNDB: JVNDB-2007-001453 // PACKETSTORM: 53953 // PACKETSTORM: 53954 // CNNVD: CNNVD-200701-446 // NVD: CVE-2007-0528

CREDITS

Unknown

Trust: 0.3

sources: BID: 86736

SOURCES

db: VULHUB, id: VHN-23890
db: BID, id: 86736
db: JVNDB, id: JVNDB-2007-001453
db: PACKETSTORM, id: 53953
db: PACKETSTORM, id: 53954
db: CNNVD, id: CNNVD-200701-446
db: NVD, id: CVE-2007-0528

LAST UPDATE DATE

2025-04-10T23:22:33.570000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-23890, date: 2018-10-16T00:00:00
db: BID, id: 86736, date: 2007-01-25T00:00:00
db: JVNDB, id: JVNDB-2007-001453, date: 2012-06-26T00:00:00
db: CNNVD, id: CNNVD-200701-446, date: 2007-01-28T00:00:00
db: NVD, id: CVE-2007-0528, date: 2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db: VULHUB, id: VHN-23890, date: 2007-01-26T00:00:00
db: BID, id: 86736, date: 2007-01-25T00:00:00
db: JVNDB, id: JVNDB-2007-001453, date: 2012-06-26T00:00:00
db: PACKETSTORM, id: 53953, date: 2007-01-27T01:46:45
db: PACKETSTORM, id: 53954, date: 2007-01-27T01:46:45
db: CNNVD, id: CNNVD-200701-446, date: 2007-01-25T00:00:00
db: NVD, id: CVE-2007-0528, date: 2007-01-26T01:28:00