Sign-up

ID

VAR-200210-0184


CVE

CVE-2002-0882


TITLE

Cisco VoIP Phone Traffic Statistics Request Causes Denial of Service Attack Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200210-076

DESCRIPTION

The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script. The 7900 series VoIP Phones are a Voice-Over-IP solution distributed by Cisco Systems. It is possible to deny service to users of this line of phones. By placing a request to the /StreamingStatistics script with a stream ID (i.e. http://www.example.com/StreamingStatistics?&lt;stream&gt; where &lt;stream&gt; is an integer value) of arbitrarily high value, the phone will reset itself, creating the inability to place or receive calls for a period of up to thirty seconds. This has been reportedly reproduced by passing stream ID values of greater than 32768, and consistently reproduced with a value of 120000. The web interface of the VoIP Phone 7900 series has a loophole in processing abnormal requests, which can lead to remote attackers to conduct denial of service attacks. VoIP Phone 7900 series has a built-in monitoring port 80 WEB service. This service provides a script page for displaying streaming statistics. Users can use \" target=\"_blank\" > http://www.example.com/StreamingStatistics? < stream > Form access, because these pages can be accessed without authentication, any attacker can submit a relatively high <stream> value to the service program, which will cause the phone to reset. According to the test, providing a <stream> value higher than 32768 can be reset This vulnerability has been discovered, and requesting 120000 <stream> values ​​can reproduce the vulnerability stably

Trust: 1.53

sources: NVD: CVE-2002-0882 // BID: 4794 // BID: 4798 // VULHUB: VHN-5273

AFFECTED PRODUCTS

vendor:ciscomodel:voip phone cp-7940scope:eqversion:3.2

Trust: 2.2

vendor:ciscomodel:voip phone cp-7940scope:eqversion:3.1

Trust: 2.2

vendor:ciscomodel:voip phone cp-7940scope:eqversion:3.0

Trust: 2.2

vendor:ciscomodel:voip phone cp-7960scope:eqversion:3.2

Trust: 1.2

vendor:ciscomodel:voip phone cp-7960scope:eqversion:3.1

Trust: 1.2

vendor:ciscomodel:voip phone cp-7960scope:eqversion:3.0

Trust: 1.2

vendor:ciscomodel:voip phone cp-7910scope:eqversion:3.2

Trust: 1.2

vendor:ciscomodel:voip phone cp-7910scope:eqversion:3.1

Trust: 1.2

vendor:ciscomodel:voip phone cp-7910scope:eqversion:3.0

Trust: 1.2

vendor:ciscomodel:skinny client control protocol softwarescope:eqversion:3.0

Trust: 1.0

vendor:ciscomodel:skinny client control protocol softwarescope:eqversion:3.2

Trust: 1.0

vendor:ciscomodel:skinny client control protocol softwarescope:eqversion:3.1

Trust: 1.0

sources: BID: 4794 // BID: 4798 // CNNVD: CNNVD-200210-076 // NVD: CVE-2002-0882

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-0882
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200210-076
value: MEDIUM

Trust: 0.6

VULHUB: VHN-5273
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2002-0882
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-5273
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-5273 // CNNVD: CNNVD-200210-076 // NVD: CVE-2002-0882

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0882

THREAT TYPE

network

Trust: 0.6

sources: BID: 4794 // BID: 4798

TYPE

Design Error

Trust: 1.2

sources: BID: 4794 // BID: 4798 // CNNVD: CNNVD-200210-076

EXTERNAL IDS

db:NVDid:CVE-2002-0882

Trust: 2.3

db:BIDid:4794

Trust: 2.0

db:BIDid:4798

Trust: 2.0

db:CNNVDid:CNNVD-200210-076

Trust: 0.7

db:XFid:9143

Trust: 0.6

db:XFid:9142

Trust: 0.6

db:CISCOid:20020522 MULTIPLE VULNERABILITIES IN CISCO IP TELEPHONES

Trust: 0.6

db:BUGTRAQid:20020522 MULTIPLE VULNERABILITIES IN CISCO VOIP PHONES

Trust: 0.6

db:VULHUBid:VHN-5273

Trust: 0.1

sources: VULHUB: VHN-5273 // BID: 4794 // BID: 4798 // CNNVD: CNNVD-200210-076 // NVD: CVE-2002-0882

REFERENCES

url:http://www.securityfocus.com/bid/4794

Trust: 2.7

url:http://www.securityfocus.com/bid/4798

Trust: 2.7

url:http://online.securityfocus.com/archive/1/273673

Trust: 2.7

url:http://www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml

Trust: 2.7

url:http://www.iss.net/security_center/static/9143.php

Trust: 2.7

url:http://www.iss.net/security_center/static/9142.php

Trust: 2.7

sources: VULHUB: VHN-5273 // CNNVD: CNNVD-200210-076 // NVD: CVE-2002-0882

CREDITS

Vulnerability discovery credited to Johnathan Nightingale <johnath@johnath.com>.

Trust: 0.6

sources: BID: 4794 // BID: 4798

SOURCES

db:VULHUBid:VHN-5273
db:BIDid:4794
db:BIDid:4798
db:CNNVDid:CNNVD-200210-076
db:NVDid:CVE-2002-0882

LAST UPDATE DATE

2024-11-22T23:03:16.217000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-5273date:2018-10-30T00:00:00
db:BIDid:4794date:2009-07-11T12:46:00
db:BIDid:4798date:2009-07-11T12:46:00
db:CNNVDid:CNNVD-200210-076date:2005-10-20T00:00:00
db:NVDid:CVE-2002-0882date:2024-11-20T23:40:06.100

SOURCES RELEASE DATE

db:VULHUBid:VHN-5273date:2002-10-04T00:00:00
db:BIDid:4794date:2002-05-22T00:00:00
db:BIDid:4798date:2002-05-22T00:00:00
db:CNNVDid:CNNVD-200210-076date:2002-05-22T00:00:00
db:NVDid:CVE-2002-0882date:2002-10-04T04:00:00