VYPR

Sip Enablement Services

by Avaya

CVEs (11)

  • CVE-2008-2812HigJul 9, 2008
    risk 0.51cvss 7.8epss 0.00

    The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2)…

  • CVE-2008-6709Apr 10, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local…

  • CVE-2008-6708Apr 10, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration…

  • CVE-2008-6707Apr 10, 2009
    risk 0.00cvss epss 0.01

    The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted…

  • CVE-2008-6706Apr 10, 2009
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration…

  • CVE-2008-6575Apr 1, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the SIP server in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote authenticated users to cause a denial of service (resource consumption) via unknown vectors.

  • CVE-2008-6574Apr 1, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote attackers to gain privileges and cause a denial of service via unknown vectors related to reuse of valid credentials.

  • CVE-2008-6573Apr 1, 2009
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote attackers to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Manager…

  • CVE-2008-3778Aug 25, 2008
    risk 0.00cvss epss 0.01

    The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause…

  • CVE-2008-3777Aug 25, 2008
    risk 0.00cvss epss 0.00

    The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to…

  • CVE-2007-1491Mar 16, 2007
    risk 0.00cvss epss 0.00

    Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.