Details of VAR-200703-0447

ID

VAR-200703-0447

CVE

CVE-2007-1542

TITLE

Cisco IP Phone 7940 Service disruption (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-001716

DESCRIPTION

Unspecified vulnerability in the Cisco IP Phone 7940 and 7960 running firmware before POS8-6-0 allows remote attackers to cause a denial of service via the Remote-Party-ID sipURI field in a SIP INVITE request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Cisco 7940/7960 phones are prone to a remote denial-of-service vulnerability. Cisco IP Phone is a system for providing voice communication over IP network. The vulnerability is caused due to an error within the handling of certain SIP INVITE messages. This can be exploited to reboot the device by sending a specially crafted INVITE message with a malformed "sipURI" field of the Remote-Party-ID. The vulnerability is reported in devices running firmware POS3-07-4-00. SOLUTION: Reportedly, firmware POS8-6-0 is unaffected. PROVIDED AND/OR DISCOVERED BY: Humberto J. Abdelnur, Radu State, and Olivier Festor ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-1542 // JVNDB: JVNDB-2007-001716 // BID: 23047 // VULHUB: VHN-24904 // PACKETSTORM: 55231

AFFECTED PRODUCTS

vendor:	cisco	model:	7940 router	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	7960 router	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	7960 router	scope:	lt	version:	pos8-6-0	Trust: 0.8
vendor:	cisco	model:	7940 router	scope:	eq	version:	firmware	Trust: 0.8
vendor:	cisco	model:	7960 router	scope:	eq	version:	firmware	Trust: 0.8
vendor:	cisco	model:	7940 router	scope:	lt	version:	pos8-6-0	Trust: 0.8
vendor:	cisco	model:	7940 router	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	7960 router	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	voip phone cp-7960	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	voip phone cp-7960	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	voip phone cp-7960	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	voip phone cp-7940	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	voip phone cp-7940	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	voip phone cp-7940	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	voip phone cp-7960	scope:	ne	version:	8.6(0)	Trust: 0.3
vendor:	cisco	model:	voip phone cp-7940	scope:	ne	version:	8.6(0)	Trust: 0.3

sources: BID: 23047 // JVNDB: JVNDB-2007-001716 // CNNVD: CNNVD-200703-490 // NVD: CVE-2007-1542

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-1542
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2007-1542
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200703-490
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-24904
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-1542
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-24904
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-24904 // JVNDB: JVNDB-2007-001716 // CNNVD: CNNVD-200703-490 // NVD: CVE-2007-1542

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-1542

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200703-490

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200703-490

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-001716

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-24904

PATCH

title:

Document ID: 640

url:

http://www.cisco.com/en/US/products/csr/cisco-sr-20070320-sip.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-001716

EXTERNAL IDS

db:	NVD	id:	CVE-2007-1542	Trust: 2.5
db:	BID	id:	23047	Trust: 2.0
db:	SECUNIA	id:	24600	Trust: 1.8
db:	VUPEN	id:	ADV-2007-1023	Trust: 1.7
db:	SECTRACK	id:	1017797	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-001716	Trust: 0.8
db:	CNNVD	id:	CNNVD-200703-490	Trust: 0.7
db:	CISCO	id:	20070320 CISCO IP PHONE 7940/7960 SIP INVITE DENIAL OF SERVICE	Trust: 0.6
db:	XF	id:	33098	Trust: 0.6
db:	EXPLOIT-DB	id:	3526	Trust: 0.1
db:	VULHUB	id:	VHN-24904	Trust: 0.1
db:	PACKETSTORM	id:	55231	Trust: 0.1

sources: VULHUB: VHN-24904 // BID: 23047 // JVNDB: JVNDB-2007-001716 // PACKETSTORM: 55231 // CNNVD: CNNVD-200703-490 // NVD: CVE-2007-1542

REFERENCES

url:	http://www.securityfocus.com/bid/23047	Trust: 1.7
url:	http://www.cisco.com/en/us/products/products_security_response09186a00808075ad.html	Trust: 1.7
url:	http://www.securitytracker.com/id?1017797	Trust: 1.7
url:	http://secunia.com/advisories/24600	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/1023	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/33098	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1542	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1542	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2007/1023	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/33098	Trust: 0.6
url:	http://secunia.com/product/287/	Trust: 0.1
url:	http://secunia.com/advisories/24600/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/disassembling_og_reversing/	Trust: 0.1
url:	http://secunia.com/product/1113/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/hardcore_disassembler_and_reverse_engineer/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/2809/	Trust: 0.1

sources: VULHUB: VHN-24904 // JVNDB: JVNDB-2007-001716 // PACKETSTORM: 55231 // CNNVD: CNNVD-200703-490 // NVD: CVE-2007-1542

CREDITS

Humberto J. Abdelnur Radu State※ state@loria.fr

Trust: 0.6

sources: CNNVD: CNNVD-200703-490

SOURCES

db:	VULHUB	id:	VHN-24904
db:	BID	id:	23047
db:	JVNDB	id:	JVNDB-2007-001716
db:	PACKETSTORM	id:	55231
db:	CNNVD	id:	CNNVD-200703-490
db:	NVD	id:	CVE-2007-1542

LAST UPDATE DATE

2025-04-10T23:18:14.762000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-24904	date:	2017-07-29T00:00:00
db:	BID	id:	23047	date:	2007-03-21T14:53:00
db:	JVNDB	id:	JVNDB-2007-001716	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200703-490	date:	2007-03-22T00:00:00
db:	NVD	id:	CVE-2007-1542	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-24904	date:	2007-03-20T00:00:00
db:	BID	id:	23047	date:	2007-03-20T00:00:00
db:	JVNDB	id:	JVNDB-2007-001716	date:	2012-06-26T00:00:00
db:	PACKETSTORM	id:	55231	date:	2007-03-20T15:05:29
db:	CNNVD	id:	CNNVD-200703-490	date:	2007-03-20T00:00:00
db:	NVD	id:	CVE-2007-1542	date:	2007-03-20T22:19:00