Detections
Analytics
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager Denial of Service (CVE-2005-4794)
medium Tenable OT Security Plugin ID 502777
Synopsis
The remote OT asset is affected by a vulnerability.Description
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
http://secunia.com/advisories/15472
http://securitytracker.com/id?1014043
http://securitytracker.com/id?1014044
http://securitytracker.com/id?1014045
http://securitytracker.com/id?1014046
http://securitytracker.com/id?1015975
http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en
Plugin Details
Severity: Medium
ID: 502777
Version: 1.2
Type: remote
Family: Tenable.ot
Published: 12/4/2024
Updated: 12/5/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Low
Score: 3.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2005-4794
Vulnerability Information
CPE: cpe:/h:cisco:ip_phone_7912, cpe:/h:cisco:ip_phone_7905, cpe:/h:cisco:ip_phone_7902
Required KB Items: Tenable.ot/Cisco
Exploit Ease: No known exploits are available
Patch Publication Date: 12/31/2005
Vulnerability Publication Date: 12/31/2005
Reference Information
CVE: CVE-2005-4794