CVE-2007-4459 - OpenCVE

Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Voip Phone Cp-7940 Voip Phone Cp-7960

Configuration 1 [-]

OR	cpe:2.3:h:cisco:voip_phone_cp-7940::p0s3-08-6-00_firmware::::::*
	cpe:2.3:h:cisco:voip_phone_cp-7940:3.0:p0s3-08-6-00_firmware::::::
	cpe:2.3:h:cisco:voip_phone_cp-7940:3.1:p0s3-08-6-00_firmware::::::
	cpe:2.3:h:cisco:voip_phone_cp-7940:3.2:p0s3-08-6-00_firmware::::::
	cpe:2.3:h:cisco:voip_phone_cp-7940:8.6:p0s3-08-6-00_firmware::::::
	cpe:2.3:h:cisco:voip_phone_cp-7960::p0s3-08-6-00_firmware::::::*

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html
http://secunia.com/advisories/26547
http://securityreason.com/securityalert/3042
http://securitytracker.com/id?1018591
http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml
http://www.osvdb.org/36695
http://www.securityfocus.com/bid/25378
http://www.vupen.com/english/advisories/2007/2928
https://exchange.xforce.ibmcloud.com/vulnerabilities/36125

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-08-21T21:00:00

Updated: 2024-08-07T14:53:56.011Z

Reserved: 2007-08-21T00:00:00

Link: CVE-2007-4459

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-08-21T21:17:00.000

Modified: 2017-07-29T01:32:57.193

Link: CVE-2007-4459

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-08-20T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "25378", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25378"}, {"name": "cisco-ipphone-sip-dos(36125)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36125"}, {"name": "20070821 Multiple SIP Vulnerabilities in the Cisco 7960 IP Phones", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml"}, {"name": "26547", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26547"}, {"name": "20070820 10 messages SIP Remote DOS on Cisco 7940 SIP Phone", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html"}, {"name": "3042", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3042"}, {"name": "20070820 3 messsages attack remote DOS on Cisco 7940", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html"}, {"name": "1018591", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018591"}, {"name": "ADV-2007-2928", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2928"}, {"name": "36695", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/36695"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4459", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "25378", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25378"}, {"name": "cisco-ipphone-sip-dos(36125)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36125"}, {"name": "20070821 Multiple SIP Vulnerabilities in the Cisco 7960 IP Phones", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml"}, {"name": "26547", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26547"}, {"name": "20070820 10 messages SIP Remote DOS on Cisco 7940 SIP Phone", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html"}, {"name": "3042", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3042"}, {"name": "20070820 3 messsages attack remote DOS on Cisco 7940", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html"}, {"name": "1018591", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018591"}, {"name": "ADV-2007-2928", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2928"}, {"name": "36695", "refsource": "OSVDB", "url": "http://www.osvdb.org/36695"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:53:56.011Z"}, "title": "CVE Program Container", "references": [{"name": "25378", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25378"}, {"name": "cisco-ipphone-sip-dos(36125)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36125"}, {"name": "20070821 Multiple SIP Vulnerabilities in the Cisco 7960 IP Phones", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml"}, {"name": "26547", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26547"}, {"name": "20070820 10 messages SIP Remote DOS on Cisco 7940 SIP Phone", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html"}, {"name": "3042", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3042"}, {"name": "20070820 3 messsages attack remote DOS on Cisco 7940", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html"}, {"name": "1018591", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1018591"}, {"name": "ADV-2007-2928", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2928"}, {"name": "36695", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/36695"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4459", "datePublished": "2007-08-21T21:00:00", "dateReserved": "2007-08-21T00:00:00", "dateUpdated": "2024-08-07T14:53:56.011Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:voip_phone_cp-7940:*:p0s3-08-6-00_firmware:*:*:*:*:*:*", "matchCriteriaId": "8C89D38E-D97C-4725-B290-062FBEAA42CE", "versionEndIncluding": "8.70", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:voip_phone_cp-7940:3.0:p0s3-08-6-00_firmware:*:*:*:*:*:*", "matchCriteriaId": "9CD97749-4AD8-4B93-9E32-3379898211A1", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:voip_phone_cp-7940:3.1:p0s3-08-6-00_firmware:*:*:*:*:*:*", "matchCriteriaId": "CB9FED25-C504-4539-8511-01915C26FF51", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:voip_phone_cp-7940:3.2:p0s3-08-6-00_firmware:*:*:*:*:*:*", "matchCriteriaId": "5F335BCD-C25E-46BB-8B35-AC31FB87899A", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:voip_phone_cp-7940:8.6:p0s3-08-6-00_firmware:*:*:*:*:*:*", "matchCriteriaId": "FC32D6D4-DB30-4074-9751-EAF7731C5277", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:voip_phone_cp-7960:*:p0s3-08-6-00_firmware:*:*:*:*:*:*", "matchCriteriaId": "BF6743CA-2B76-4DD1-A864-B66C0E982BB2", "versionEndIncluding": "8.70", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages."}, {"lang": "es", "value": "Cisco IP Phone 7940 y 7960 con versi\u00f3n de firmware P0S3-08-6-00, y otro SIP versiones de firmware anteriores a 8.7(0), permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del dispositivo) por medio de (1) una cierta secuencia de 10 mensajes SIP INVITE y OPTIONS no v\u00e1lidos; o (2) un determinado mensaje SIP INVITE no v\u00e1lido que contiene una etiqueta remota, seguido por un cierto ajuste de dos mensajes SIP OPTIONS relacionados."}], "id": "CVE-2007-4459", "lastModified": "2017-07-29T01:32:57.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-08-21T21:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html"}, {"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/26547"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3042"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018591"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/36695"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/25378"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2928"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36125"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}