[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cisco Security Advisory: Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Cisco Security Advisory: Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905
From: Cisco Systems Product Security Incident Response Team <psirt@xxxxxxxxx>
Date: Wed, 19 Feb 2014 11:01:22 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Unauthorized Access Vulnerability in Cisco Unified SIP 
Phone 3905

Advisory ID: cisco-sa-20140219-phone

Revision 1.0

For Public Release 2014 February 19 16:00  UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the Cisco Unified SIP Phone 3905 could allow an 
unauthenticated, remote attacker to gain root-level access to an affected 
device.

Cisco has released free software updates that address this vulnerability. 
Workarounds that mitigate this vulnerability are not available.  This advisory 
is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-phone

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.20 (Darwin)

iF4EAREKAAYFAlMEtOUACgkQUddfH3/BbToAgwD/YVTgOAUwc7a7j1oWJqLyWjsi
49ZYhWjP2fS5b9hbKdsA/1STDtpjHVVhRv4AsS8AL2EenDZGj8NyfJPM9CEUjrUm
=Ol4C
-----END PGP SIGNATURE-----

Prev by Date: Cisco Security Advisory: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability
Next by Date: Cisco Security Advisory: Multiple Vulnerabilities in Cisco IPS Software
Previous by thread: Cisco Security Advisory: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability
Next by thread: Cisco Security Advisory: Multiple Vulnerabilities in Cisco IPS Software
Index(es):
- Date
- Thread