VYPR
Unrated severityNVD Advisory· Published Nov 20, 2007· Updated Jun 16, 2026

CVE-2007-5361

CVE-2007-5361

Description

The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename.

Affected products

2

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.