Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Cisco 7920 Wireless IP Phone SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco 7920 Wireless IP Phone
Fellow handler Donald Smith passed along the following information on two new vunerabilities.  Thanks Don!!

There are two vulnerabilities relating to the Cisco 7920 Wireless IP

 - The first vulnerability is an SNMP service with fixed community
 strings that allow remote users to read, write, and erase the
 configuration of an affected device

 - The second vulnerability is an open VxWorks Remote Debugger on UDP
 port 17185 that may allow an unauthenticated remote user to access
 debugging information or cause a denial of service

IP phones that have default passwords and unauthenticated managment
ports. KEWL:)


165 Posts
ISC Handler
Nov 16th 2005

Sign Up for Free or Log In to start participating in the conversation!