Cisco 7920 Wireless IP Phone

Published: 2005-11-16
Last Updated: 2005-11-17 07:42:19 UTC
by Lorna Hutcheson (Version: 2)
0 comment(s)
Alex Tilley had an interesting observation about the 7920 phone after reading this diary entry.  If anyone else is  observing this same thing or has an explanation, please let us know:

"If I hold my mobile (cell phone) (a motorola v525) up to the screen while the mobile has a connected call, the cisco voip phone reboots.

This happens with any mobile phone and a few other cisco 7940's we have around here, but I tried it on the same model cisco at another office and it didn't reboot"



Fellow handler Donald Smith passed along the following information on two new vulnerabilities.  Thanks Don!!


http://www.cisco.com/warp/public/707/cisco-sa-20051116-7920.shtml

There are two vulnerabilities relating to the Cisco 7920 Wireless IP
 Phone:

 - The first vulnerability is an SNMP service with fixed community
 strings that allow remote users to read, write, and erase the
 configuration of an affected device

 - The second vulnerability is an open VxWorks Remote Debugger on UDP
 port 17185 that may allow an unauthenticated remote user to access
 debugging information or cause a denial of service

IP phones that have default passwords and unauthenticated managment
ports. KEWL:)



Keywords:
0 comment(s)

Comments


Diary Archives